To launch the attack, just generate and send the target PDF file.
The utility is available at
> git clone https://github.com/deepzec/Bad-Pdf.git. > cd Bad-Pdf > python badpdf.py > chmod +x badpdf.py
This will open a window for entering various data, namely the file name, the IP address of our victim and the interface.
Once started, we need to enter the path of the respondent unless it is detected automatically
/usr/sbin/responder // 1.
Next IP, file and interface, nothing complicated.
If everything turns out the file should be sent to the potential target, you can use social networks or e-mail.
We got essentially a Windows user password hash. The channel has a
Also, some versions, including early Windows 10, allow you to login with the hash alone.