How can imbed a (veil-evasion) payload in a working pdf or image file ? so when the pdf/image opens, the payload executes ?
- Hot
- Active
-
Forum Thread: How to Find Admin Panel Page of a Website? 14 Replies
1 hr ago -
Forum Thread: How to Hack Android Phone Using Same Wifi 22 Replies
11 hrs ago -
Forum Thread: Hack Instagram Account Using BruteForce 207 Replies
1 mo ago -
Forum Thread: Metasploit reverse_tcp Handler Problem 47 Replies
1 mo ago -
Forum Thread: How to Train to Be an IT Security Professional (Ethical Hacker) 22 Replies
1 mo ago -
Metasploit Error: Handler Failed to Bind 41 Replies
1 mo ago -
How to: HACK Android Device with TermuX on Android | Part #1 - Over the Internet [Ultimate Guide] 177 Replies
2 mo ago -
How to: Crack Instagram Passwords Using Instainsane 36 Replies
2 mo ago -
Forum Thread: How to Hack an Android Device Remotely, to Gain Acces to Gmail, Facebook, Twitter and More 5 Replies
2 mo ago -
Forum Thread: How Many Hackers Have Played Watch_Dogs Game Before? 13 Replies
2 mo ago -
Forum Thread: How to Hack an Android Device with Only a Ip Adress 55 Replies
3 mo ago -
How to: Sign the APK File with Embedded Payload (The Ultimate Guide) 10 Replies
3 mo ago -
Forum Thread: How to Run and Install Kali Linux on a Chromebook 18 Replies
4 mo ago -
Forum Thread: can i run kali lenux in windows 10 without reboting my computer 4 Replies
5 mo ago -
Forum Thread: How to Hack School Website 11 Replies
5 mo ago -
Forum Thread: Make a Phishing Page for Harvesting Credentials Yourself 8 Replies
5 mo ago -
Forum Thread: Creating an Completely Undetectable Executable in Under 15 Minutes! 38 Replies
6 mo ago -
Forum Thread: Hacking with Ip Only Part [1] { by : Mohamed Ahmed } 5 Replies
7 mo ago -
Forum Thread: Problem with Airmon-Ng and VM 3 Replies
7 mo ago -
Forum Thread: Which one is Animal Picture Is Inside in Kali Linux Wallpaper 3 Replies
10 mo ago
-
How To: Dox Anyone
-
How To: Use SpiderFoot for OSINT Gathering
-
How To: Scan for Vulnerabilities on Any Website Using Nikto
-
How To: Crack Shadow Hashes After Getting Root on a Linux System
-
How To: Make Your Own Bad USB
-
How To: Manually Exploit EternalBlue on Windows Server Using MS17-010 Python Exploit
-
How To: Use Kismet to Watch Wi-Fi User Activity Through Walls
-
How To: Gain Complete Control of Any Android Phone with the AhMyth RAT
-
Hacking macOS: How to Create a Fake PDF Trojan with AppleScript, Part 2 (Disguising the Script)
-
How To: Hack MacOS with Digispark Ducky Script Payloads
-
How To: Write Your Own Bash Script to Automate Recon
-
How To: Crack SSH Private Key Passwords with John the Ripper
-
How To: Exploit EternalBlue on Windows Server with Metasploit
-
How To: Gain SSH Access to Servers by Brute-Forcing Credentials
-
How To: Crack Password-Protected Microsoft Office Files, Including Word Docs & Excel Spreadsheets
-
How To: Use Ettercap to Intercept Passwords with ARP Spoofing
-
How To: Bypass File Upload Restrictions on Web Apps to Get a Shell
-
Hack Like a Pro: How to Find Directories in Websites Using DirBuster
-
Hacking Windows 10: How to Dump NTLM Hashes & Crack Windows Passwords
-
How To: Scan Websites for Interesting Directories & Files with Gobuster
16 Responses
How can I imbed*
Isnt it embed haha??
oh srry, yeah embed..
but nvm, it's detected now, the veil-evasion is useless now :'(
another ways ?!
try this powershell attack using a word document...works like charm and is not detected by AVAST when executed (that's what i have on my machine and it's a powerful AV)
Thank you :D
hi, does it work even with android office files opener? therefore the os won't be windows but android itself. thanks
Try a different type of exploit... or change the language payload is written in..
You mean the aecencrypt ? which exploit ?!!
Also how to change the language ?!
What I mean is.. try a different exploit except pdf.. just give it a pdf icon or something...
There is a tut on how to change language..
I didnt change it to pdf, I just used the handler and the payload output, and AVAST caught it!
Can you link me to that "change languahe" tutorial ? I cant find it!
Theres a guide for it in listeners section.. check it out!!
Can you link me to it please ?
You mean this one:
https://null-byte.wonderhowto.com/how-to/hack-like-pro-embed-backdoor-connection-innocent-looking-pdf-0140942/
?
it seems to be working for a specific payload or exploit! (correct me if i'm wrong)
personally, i use 3 methods:
1) bind the veil payload to a valid pdf file using winrar SFX, and add a pdf icon of course
2) I make a veil payload and change its icon to any file type i like, pdf, doc, docx or jpg, using icoFX... it may look suspicious when the victim clicks on it and nothing happens, but to make it less suspicious, i send it to the victim among other clean files (black sheep in a white herd)
3) use the adobe_pdf_embedded_exe in metasploit and specify my own exe file using the command: set EXENAME /root/veilpayload.exe (doesn't work with all versions of pdf)
hi, could you start up a thread within here concerned? thanks
Share Your Thoughts