Browse Exploit & Auxiliary Modules
The Metasploit Project hosts the world's largest database of quality assured exploits, including hundreds of remote exploits, auxiliary modules, and payloads. You can even review the Metasploit Framework source code of any module - or write your own.
Search for modules
Foxit Reader Authorization Bypass
This module exploits a authorization bypass vulnerability in Foxit Reader build 1120. When a attacker creates a specially crafted pdf file containing a Open/Execute action, arbitrary commands can be executed without confirmation from the victim.
Rank
- Normal
Authors
- MC < mc [at] metasploit.com >
- Didier Stevens < didier.stevens [at] gmail.com >
References
Development
Similar Modules
Usage Information
$ msfconsole
## ### ## ##
## ## #### ###### #### ##### ##### ## #### ######
####### ## ## ## ## ## ## ## ## ## ## ### ##
####### ###### ## ##### #### ## ## ## ## ## ## ##
## # ## ## ## ## ## ## ##### ## ## ## ## ##
## ## #### ### ##### ##### ## #### #### #### ###
##
msf > use auxiliary/pdf/foxit/authbypass
msf auxiliary(authbypass) > run
## ### ## ##
## ## #### ###### #### ##### ##### ## #### ######
####### ## ## ## ## ## ## ## ## ## ## ### ##
####### ###### ## ##### #### ## ## ## ## ## ## ##
## # ## ## ## ## ## ## ##### ## ## ## ## ##
## ## #### ### ##### ##### ## #### #### #### ###
##
msf > use auxiliary/pdf/foxit/authbypass
msf auxiliary(authbypass) > run
Module Options
| CMD | The command to execute. (default: /C/Windows/System32/calc.exe) |
| FILENAME | The file name. (default: msf.pdf) |
| OUTPUTPATH | The location of the file. (default: ./data/exploits/) |
| DisablePayloadHandler | Disable the handler code for the selected payload |
| VERBOSE | Enable detailed status messages |
| WORKSPACE | Specify the workspace for this module |