How can imbed a (veil-evasion) payload in a working pdf or image file ? so when the pdf/image opens, the payload executes ?
- Hot
- Active
-
Forum Thread:
What Are Some Good Budget Laptops for Pentestin
12
Replies
2 days ago -
How to:
Sign the APK File with Embedded Payload (The Ultimate Guide)
8
Replies
2 days ago -
Forum Thread:
Hack Instagram Account Using BruteForce
193
Replies
2 days ago -
Forum Thread:
Create and Use Android/Meterpreter/reverse_tcp APK with Msfvenom?
117
Replies
4 days ago -
Forum Thread:
How Do I Access Different Directories Within Android via Meterpreter
5
Replies
6 days ago -
Forum Thread:
Best Programming Language?
8
Replies
1 wk ago -
Forum Thread:
HACK ANDROID with KALI USING PORT FORWARDING(portmap.io)
4
Replies
1 wk ago -
Forum Thread:
Fix Meterpreter Problem
2
Replies
1 wk ago -
Forum Thread:
Hack and Track People's Device Constantly Using TRAPE
31
Replies
2 wks ago -
Forum Thread:
Need Help with FatRat Over WAN
1
Replies
2 wks ago -
Forum Thread:
Kali Linux Boot Error
8
Replies
2 wks ago -
Forum Thread:
I Want to Hack in to My Friends System Through his wifi router i am controlling
8
Replies
2 wks ago -
Forum Thread:
Kali linux command error. Kindly help
3
Replies
2 wks ago -
Forum Thread:
How to Create a Python Remote Keylogger for Facebook
27
Replies
2 wks ago -
Forum Thread:
Kali Linux Handshake Porblem
2
Replies
2 wks ago -
Forum Thread:
Port Forwarding Problem in Metasploit Can't Establish Connection (WAN)
3
Replies
3 wks ago -
Forum Thread:
GMail Brute Force Dictionary Attack Script
31
Replies
4 wks ago -
Forum Thread:
Msfvenom Android Exploitation Outside LAN?
12
Replies
4 wks ago -
Forum Thread:
How to decrypt .CAP file of handshake during WiFi attack
2
Replies
1 mo ago -
Forum Thread:
Make a Phishing Page for Harvesting Credentials Yourself
7
Replies
1 mo ago
-
How To:
Clear the Logs & Bash History on Hacked Linux Systems to Cover Your Tracks & Remain Undetected
-
How To:
Make Spoofed Calls Using Any Phone Number You Want Right from Your Smartphone
-
How To:
Hack Android Using Kali (Remotely)
-
How To:
Phish for Social Media & Other Account Passwords with BlackEye
-
How to Hack Wi-Fi:
Stealing Wi-Fi Passwords with an Evil Twin Attack
-
How to Hack Wi-Fi:
Cracking WPA2 Passwords Using the New PMKID Hashcat Attack
-
How To:
Top 10 Things to Do After Installing Kali Linux
-
Hack Like a Pro:
How to Crack Passwords, Part 4 (Creating a Custom Wordlist with Crunch)
-
How To:
Find Identifying Information from a Phone Number Using OSINT Tools
-
How To:
Check if Your Wireless Network Adapter Supports Monitor Mode & Packet Injection
-
Android for Hackers:
How to Turn an Android Phone into a Hacking Device Without Root
-
How To:
Scan for Vulnerabilities on Any Website Using Nikto
-
How To:
Brute-Force Nearly Any Website Login with Hatch
-
How to Hack Wi-Fi:
Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
-
How To:
Crack Shadow Hashes After Getting Root on a Linux System
-
How To:
Gain SSH Access to Servers by Brute-Forcing Credentials
-
How To:
Create a Persistent Back Door in Android Using Kali Linux:
-
How To:
Crack WPA/WPA2 with Wifite
-
How To:
Buy the Best Wireless Network Adapter for Wi-Fi Hacking in 2019
-
Hack Like a Pro:
How to Crack Online Web Form Passwords with THC-Hydra & Burp Suite
16 Responses
How can I imbed*
Isnt it embed haha??
oh srry, yeah embed..
but nvm, it's detected now, the veil-evasion is useless now :'(
another ways ?!
try this powershell attack using a word document...works like charm and is not detected by AVAST when executed (that's what i have on my machine and it's a powerful AV)
Thank you :D
hi, does it work even with android office files opener? therefore the os won't be windows but android itself. thanks
Try a different type of exploit... or change the language payload is written in..
You mean the aecencrypt ? which exploit ?!!
Also how to change the language ?!
What I mean is.. try a different exploit except pdf.. just give it a pdf icon or something...
There is a tut on how to change language..
I didnt change it to pdf, I just used the handler and the payload output, and AVAST caught it!
Can you link me to that "change languahe" tutorial ? I cant find it!
Theres a guide for it in listeners section.. check it out!!
Can you link me to it please ?
You mean this one:
https://null-byte.wonderhowto.com/how-to/hack-like-pro-embed-backdoor-connection-innocent-looking-pdf-0140942/
?
it seems to be working for a specific payload or exploit! (correct me if i'm wrong)
personally, i use 3 methods:
1) bind the veil payload to a valid pdf file using winrar SFX, and add a pdf icon of course
2) I make a veil payload and change its icon to any file type i like, pdf, doc, docx or jpg, using icoFX... it may look suspicious when the victim clicks on it and nothing happens, but to make it less suspicious, i send it to the victim among other clean files (black sheep in a white herd)
3) use the adobe_pdf_embedded_exe in metasploit and specify my own exe file using the command: set EXENAME /root/veilpayload.exe (doesn't work with all versions of pdf)
hi, could you start up a thread within here concerned? thanks
Share Your Thoughts