Metasploit – Embedded PDF Exploit Presented by: Jesse Lucas

Tools / Assumptions Attacker – BackTrack 4.2 Metasploit Framework 3.0 PDF file for embedding Victim – Windows XP File and Printer Sharing Adobe Reader 8.0 – 9.0

Exploit Concept Attacker embeds exploit in a PDF file Victim opens the PDF file –Unknowingly saves and runs exploit Attacker takes control of victim machine

Exploit Demos Live Demo Offline Demo

Start BackTrak

Open 2 Terminals

Open msfconsole in both Terminals

Setup Exploit

Setup Exploit Handler

Wait for Victim to Open PDF

Prey on their Ignorance

Victim is now a Victim

Attacker now has Access

Example of Control

Example of Control (cont)

Setup Exploit 2

Setup Handler 2

Wait for Victim to Open

Prey on Victim’s Ignorance

Ta Da! Attacker has a VNC Session

Example of Control

Example of Control (cont)

Prevent the Attack DO NOT open files from people you don’t know DO NOT allow firewall exceptions for applications you don’t know KEEP popular programs up to date DISABLE File and Printer Sharing if you aren’t using it

Questions?