I wrote some rough notes on how I use them in this thread here.
Great stuff... thx...
i was playing with this little christmas gift (thank you) and noticed that yahoo mail avi and a few others are all picking it up as a backdoor.... would it be possible to Hex edit the .exe or something of this nature? if so does anyone know what bits must be changed? thank you for your time. and another great post. a real no sleeper for me lol. thank you agian purehate
Sure you can use msfencode and create the .pdf via the msfcli command line however those are the kinds of things I generally do not feel comfortable making tutorials on. There is lots of info on msfencode around.
I have sent email from BT4 gmail to hotmail account on XP sp2 with pdf attached ok. When I click on the attached pdf I get the following
" The file security_update.pdf is infected with an unknown virus, so it isn't safe to download "
any ideas as what next ?
The post above yours tells you what to look for.
Thanks for the excellent write up. I have been experimenting with this and it works fine on my x86 Win XP SP3 machine, but I can't get it to work with a x64 Win 7 Ultimate machine.
I have tried both these payloads:
I noticed that in another post you mention that this is compatible with Win 7 so I'm curious as to what I'm doing wrong.
Thanks in advance.
It maybe that it is 64 bit. I dont know. Exploit stuff is always really tricky over a wide range of machines. I had a friend fire up a windows 7 vm and download my .pdf and I gain a shell on his box. It may also be that microsoft released their own patch or work around to protect users.