@Renek,
did you look into Muts' PDF he published (intended or not) a while ago? I think it covers a lot of the Offsec course. It is somehow called "Offensive Security Labs". I saw his PDF hanging...

Always, always come with precise information to this forum.
Post your /etc/apt/sources.list and we will see what causes your problem.

To switch your interface on use:

#ifconfig eth0 up
But the more interesting question is, are you running BT on a VM?
If yes, check out the settings of your VM and look for virtual hardware >...

Which Alfa-USB adapter do you use?

Looks very interesting!
I'll probably check it out.

I will respond to this like this.

First: There is a noip-client for BT available already, try apt-get noip2
Second: When you try to redirect the exploited system to your computer externally (this means, the ex. system is not in your...

@samiux,
could you exactly tell how the results were? Did the AVs notice anything - did the binded result even launch like the legit part of the .exe (the calculator.exe for instance) work?

Did...

Why no notice then? You could mention the version-limitation for your pdf-binding anywhere in your script.

doublepost

@LHYX1,

well - but currently the PDF-Backdoor isn't working is it?
I am testing it right now and I see no good results. The PDF doesn't get detected after all - however, the backdoor isn't...

Good news! So, when is it coming out?

@LHYX,
here is my edited version of your code.

Here are the few coding-changes:


- New attack form added to the menu

....
8) windows/fileformat/adobe_pdf_embedded_exe [+ 5)]

@LHYX1, the edited version of your code works like this:

01. PDF Binder shows up as choice 8
02. The encoded backdoor.exe gets written as usual (in crypter.py)
03. The PDF Export question shows...

Doublepost

@LHYX1,
I managed to implement the whole extension, but problem is, the PDF gets detected by every AV.

I read that damn code of course, and those socket parts made it a little legit at last.
But at the too late end, I saw this line

{
printf("Now type nc %s 12345 to see if you've got...

I compiled this one
link removed

And now everything I had, the whole / is wiped out.
Fortunately I have a backup, but can anyone tell me what the hell just happened?

I compiled it using
...

@e3HQ67S, No - I did not experience such a life-pan heuristic on my testing machines with their AVs. I think it's more a question of the actual AV, which is in use.

@LHYX1, The greater question...

You're a Belgian gladiator!

It often happens that SET somehow is not cloning every file of a target site
and so it doesn't look legit in the testing.

Where is SET saving its cloned sites to?
I checked the www dir but it...

Problem solved:

Clear out the /etc/network/interfaces file, so that it is empty.
Then,

#service network-manager restart

and finally, add a notification area to your panel manually.
You...

doublepost

I tried to install this damn Network-Manager on my Gnome 32-BT5 and that damn thing did not work.
My /etc/network/interface was configured like


auto lo
iface lo inet loopback

But it didn't...

Double-post