PDF

PDF VECTORS

Action Scripts & URI Handling

Home > PDF Document

Technical Overview

Portable Document Format (PDF) is a complex standard that supports rich media and scripting. Attack surfaces within PDF viewers (Acrobat, Foxit, etc.) often rely on JavaScript execution or URI handling features intended for interactive forms, but repurposable for red team objectives.

Key Mechanisms

/OpenAction: Triggers actions (like JavaScript execution) immediately upon the document opening.
URI Actions: Can force outgoing SMB connections (NTLM leakage) or launch external URIs.
Form Calculation: Using XFA (XML Forms Architecture) to run scripts hidden within form logic.

Red Team Advantages

Universal Trust PDFs are the global standard for business, invoicing, and legal documents.
Phishing Context Ideally suited for "Invoice Attached" or "Scanned Document" social engineering campaigns.
Viewer Diversity Exploits can target specific vulnerabilities in different PDF reader implementations.

Purchase PDF Exploit

Proof & Verification

🎬 VIDEO

▶

Video coming soon

Watch Full Demo

🛡️ AV SCAN RESULTS

0/60

Detection Rate

View Full Report