Description:
We introduced Scenario based Hacking in the
Metasploit Megaprimer Part 17. Please have a look there first before you begin this series, to understand the context. This is Part 3 of Scenario Based Hacking (SBH).
Please begin by watching Part 1, if you have not already done so.In Part 3, we will look at how to break into a machine which has it's OS patched, does not have an AV or Firewall and is behind a NAT. It is important to note that even though the OS is patches, software utilities on the system like Adobe PDF might not be updated to the latest version. This is true for most home users and in some cases even corporate users, where updates may have to be pushed from an update server, and cannot happen automatically from across the Interent. In this video, we will learn how to exploit such a machine using a generic PDF attack which allows us to embed a Metasploit Payload into a PDF file. Then we somehow use social engineering to have the victim execute it. Once the victim executes it, the Meterpreter reverse tcp payload connects back to us and gives us full access to the victim system.
Looking forward to your comments!
Tags: basics ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
Comments:
plz post other videos about SBH.thanx in advance
when I am hit exploit it gives me error
[*] Reading in '/root/new.pdf'...
[*] Parsing '/root/new.pdf'...
[-] Exploit exception: undefined method `[]' for nil:NilClass
why it happening..?
Sir can can u elaborate more on how u got it connected to the victim coz i did exactly same thing u did but no session was created, sorry that vivek-resume.pdf is the vulnerable pdf u downloaded or just an ordinary directory , pls coz the video really put a lot of doubt in me on how to go about the sending pdf file to a victim? thanks and remain bless.....