Hello guys i want to ask how i can embed an encrypted payload created with veil-evasion to a pdf !
Forum Thread: How to Embed an Veil Encrypted Payload to a Pdf !
- Hot
- Active
-
Metasploit Error:
Handler Failed to Bind
40
Replies
5 days ago -
Forum Thread:
How to Know if You Are a Script Kiddie?
9
Replies
1 wk ago -
Forum Thread:
How to Identify and Crack Hashes
8
Replies
1 wk ago -
Forum Thread:
How to Hack School Website
8
Replies
2 wks ago -
Forum Thread:
Whenever I Try "Airmon-Ng Start wlan0" There's an Error?
16
Replies
2 wks ago -
Forum Thread:
How to Fix 'Failed to Detect and Mount CD-ROM' Problem When Installing Kali Linux
14
Replies
2 wks ago -
Forum Thread:
Awesome Keylogging Script - BeeLogger
30
Replies
3 wks ago -
Forum Thread:
How to Hack Android Phone Using Same Wifi
27
Replies
3 wks ago -
Forum Thread:
Complete Guide to Creating and Hosting a Phishing Page for Beginners
48
Replies
3 wks ago -
Forum Thread:
Create and Use Android/Meterpreter/reverse_tcp APK with Msfvenom?
121
Replies
1 mo ago -
How to:
Minecraft DoS'Ing with Python.
1
Replies
2 mo ago -
Forum Thread:
HELP I Created an Apk for Hacking My Phone Using Kali Linux in Virtual Box How Can I Install That Apk on My Phone
17
Replies
2 mo ago -
Forum Thread:
Tools for Beginner Hacker
3
Replies
2 mo ago -
Forum Thread:
How to Embed an Android Payload in an Image?
9
Replies
2 mo ago -
Forum Thread:
Metasploit reverse_tcp Handler Problem
46
Replies
3 mo ago -
Forum Thread:
HACK ANDROID with KALI USING PORT FORWARDING(portmap.io)
11
Replies
3 mo ago -
Forum Thread:
Fix Initramfs Problem
5
Replies
3 mo ago -
Forum Thread:
Kali Wont Start, Stuck at Kali Login:
21
Replies
4 mo ago -
Forum Thread:
How to View Your Child's What's App And Many More!
3
Replies
4 mo ago -
Forum Thread:
Proxy Lists for Proxy Chains
1
Replies
5 mo ago
-
How To:
Brute-Force FTP Credentials & Get Server Access
-
How To:
Gain SSH Access to Servers by Brute-Forcing Credentials
-
How To:
Crack Shadow Hashes After Getting Root on a Linux System
-
How To:
Create a Persistent Back Door in Android Using Kali Linux:
-
How To:
Dox Anyone
-
Hack Like a Pro:
How to Find Directories in Websites Using DirBuster
-
How To:
Bypass File Upload Restrictions on Web Apps to Get a Shell
-
How To:
Find Vulnerable Webcams Across the Globe Using Shodan
-
How To:
Use Hash-Identifier to Determine Hash Types for Password Cracking
-
How To:
Seize Control of a Router with RouterSploit
-
How To:
Hack WPA & WPA2 Wi-Fi Passwords with a Pixie-Dust Attack Using Airgeddon
-
How To:
Check if Your Wireless Network Adapter Supports Monitor Mode & Packet Injection
-
Hack Like a Pro:
How to Crack Online Web Form Passwords with THC-Hydra & Burp Suite
-
How to Hack Wi-Fi:
Cracking WPA2 Passwords Using the New PMKID Hashcat Attack
-
How To:
Make Spoofed Calls Using Any Phone Number You Want Right from Your Smartphone
-
Tutorial:
Create Wordlists with Crunch
-
How To:
Perform Advanced Man-in-the-Middle Attacks with Xerosploit
-
How To:
Embed a Metasploit Payload in an Original .Apk File | Part 2 – Do It Manually
-
How To:
Use SQL Injection to Run OS Commands & Get a Shell
-
How To:
Crack WPA/WPA2 with Wifite
9 Responses
Probably you can't, But if you got a windows 7 machine lying somewhere you could Bind the payload and PDF using celesty binder or any other binder, and then change the icon of the generated file to a PDF icon to make it look legit.
This. There is no way that I know of to fake a file extension without exploiting a vulnerability so the best you can do is make it look like a PDF same an hope they fall for it.
Cheers,
Washu
Actually, on most operating systems, you are able to hide the actual extension of a file as well as change the logo, making it look and feel like a pdf. Prepare your file with a hidden extension but also a .pdf before that hidden extension and put it on a usb stick or send it to them through email.
Here are some links that should teach you how to hide extensions on different operating systems:
Windows
Mac
Be sure to also change the icon of the file so that it looks like a pdf:
Windows
Mac
Hope this helps you out!
-Cameron Glass
You wont be faking the file extension, you will just bind it with another file, so when the victim opens the file it also opens whatever file he binded it with, Also the extension is still .exe but most users don't have The extensions visible so by changing the Icon it will look exactly like a PDF or whatever
Yes he is correct. The extension is still there but the windows OS hides the first extension by default
Exaclty
Yes but when he will click to download the file he will probably see payload.pdf.exe on the description :/
True but if you send the file in a zip, he might still get fooled.
Cheers,
Washu
Yeah probably
Share Your Thoughts