Hack via PDF

Hack via PDF

To launch the attack, just generate and send the target PDF file.

The utility is available at GitHub so it is easy to perform the attack on any Linux OS or emulator with Python.



 

Installation

> git clone https://github.com/deepzec/Bad-Pdf.git.
> cd Bad-Pdf
> python badpdf.py
> chmod +x badpdf.py

This will open a window for entering various data, namely the file name, the IP address of our victim and the interface.



Once started, we need to enter the path of the respondent unless it is detected automatically /usr/sbin/responder // 1.

Next IP, file and interface, nothing complicated.

 

.

.
If everything turns out the file should be sent to the potential target, you can use social networks or e-mail.

.

We got essentially a Windows user password hash. The channel has a a way to search the hash for the final Windows password.

 

Also, some versions, including early Windows 10, allow you to login with the hash alone.

A bit of software to exploit this vulnerability: FreeRDP, pth-winexe (githab).



WARNING! All links in the articles may lead to malicious sites or contain viruses. Follow them at your own risk. Those who purposely visit the article know what they are doing. Do not click on everything thoughtlessly.


10 Views

0 0 vote
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments


Do NOT follow this link or you will be banned from the site!
0
Would love your thoughts, please comment.x
()
x

Spelling error report

The following text will be sent to our editors: