Hello guys i want to ask how i can embed an encrypted payload created with veil-evasion to a pdf !
Forum Thread: How to Embed an Veil Encrypted Payload to a Pdf !
- Hot
- Active
-
Forum Thread:
Metasploit Reverse TCP Listener for Public IP Address
3
Replies
1 day ago -
Forum Thread:
Hacking Facebook,Twitter,Instagram Account Passwords with BruteForce
164
Replies
6 days ago -
How to:
Sign the APK File with Embedded Payload (The Ultimate Guide)
12
Replies
1 wk ago -
Forum Thread:
Hack Instagram Account Using BruteForce
195
Replies
1 wk ago -
Forum Thread:
How to Hack an Android Device with Only a Ip Adress
48
Replies
1 wk ago -
Forum Thread:
While msfconsole i'm getting this.
5
Replies
1 wk ago -
Forum Thread:
How to Pastebin Accounts
8
Replies
1 wk ago -
Forum Thread:
Eml to PST Conversion
5
Replies
1 wk ago -
Forum Thread:
HACK ANDROID with KALI USING PORT FORWARDING(portmap.io)
10
Replies
1 wk ago -
Forum Thread:
Changing IP Address
10
Replies
2 wks ago -
Forum Thread:
HACKING GMAIL
1
Replies
2 wks ago -
Forum Thread:
Phish with HiddenEye - A tool with Advanced Feature
2
Replies
2 wks ago -
Forum Thread:
How to Hack School Website
7
Replies
2 wks ago -
Forum Thread:
Android/Metasploit - Keep a session alive
2
Replies
3 wks ago -
Forum Thread:
Metasploit reverse_tcp Handler Problem
44
Replies
3 wks ago -
How to:
HACK Android Device with TermuX on Android | Part #2 - Over WLAN Hotspot [Ultimate Guide]
25
Replies
1 mo ago -
Forum Thread:
Msfconsole Error After Msfupdate
7
Replies
1 mo ago -
Forum Thread:
How to Track Who Is Sms Bombing Me .
2
Replies
1 mo ago -
Forum Thread:
How to Hack CCTV Private Cameras
66
Replies
1 mo ago -
Forum Thread:
How to Get Router PIN?
11
Replies
1 mo ago
-
How To:
Brute-Force Nearly Any Website Login with Hatch
-
How To:
Create Custom Wordlists for Password Cracking Using the Mentalist
-
How To:
Hack Android Using Kali (Remotely)
-
How To:
Top 10 Things to Do After Installing Kali Linux
-
How To:
Phish for Social Media & Other Account Passwords with BlackEye
-
How To:
Find Identifying Information from a Phone Number Using OSINT Tools
-
How To:
Buy the Best Wireless Network Adapter for Wi-Fi Hacking in 2019
-
How To:
Use LinEnum to Identify Potential Privilege Escalation Vectors
-
How To:
Crack SSH Private Key Passwords with John the Ripper
-
How To:
Crack Shadow Hashes After Getting Root on a Linux System
-
How To:
Create a Persistent Back Door in Android Using Kali Linux:
-
How To:
Crack Password-Protected Microsoft Office Files, Including Word Docs & Excel Spreadsheets
-
How To:
Use Burp & FoxyProxy to Easily Switch Between Proxy Settings
-
How to Hack Wi-Fi:
Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
-
How To:
Find Vulnerable Webcams Across the Globe Using Shodan
-
How To:
Write an XSS Cookie Stealer in JavaScript to Steal Passwords
-
How to Hack Wi-Fi:
Cracking WPA2 Passwords Using the New PMKID Hashcat Attack
-
How To:
Scan for Vulnerabilities on Any Website Using Nikto
-
How To:
Gain SSH Access to Servers by Brute-Forcing Credentials
-
How To:
Upgrade a Normal Command Shell to a Metasploit Meterpreter
9 Responses
Probably you can't, But if you got a windows 7 machine lying somewhere you could Bind the payload and PDF using celesty binder or any other binder, and then change the icon of the generated file to a PDF icon to make it look legit.
This. There is no way that I know of to fake a file extension without exploiting a vulnerability so the best you can do is make it look like a PDF same an hope they fall for it.
Cheers,
Washu
Actually, on most operating systems, you are able to hide the actual extension of a file as well as change the logo, making it look and feel like a pdf. Prepare your file with a hidden extension but also a .pdf before that hidden extension and put it on a usb stick or send it to them through email.
Here are some links that should teach you how to hide extensions on different operating systems:
Windows
Mac
Be sure to also change the icon of the file so that it looks like a pdf:
Windows
Mac
Hope this helps you out!
-Cameron Glass
You wont be faking the file extension, you will just bind it with another file, so when the victim opens the file it also opens whatever file he binded it with, Also the extension is still .exe but most users don't have The extensions visible so by changing the Icon it will look exactly like a PDF or whatever
Yes he is correct. The extension is still there but the windows OS hides the first extension by default
Exaclty
Yes but when he will click to download the file he will probably see payload.pdf.exe on the description :/
True but if you send the file in a zip, he might still get fooled.
Cheers,
Washu
Yeah probably
Share Your Thoughts