Posts

Showing posts from January, 2012

Foxit Reader PDF Exploit + Windows 7 Backdoor

Image
This video show you how it is easy to install a backdoor (Meterpreter Service) on a Windows 7 pc throught a pdf and with the support of metasploit. Our victim uses an outdated version of Foxit Reader (4.1.1) which is vulnerable to a stack-based buffer overflow . Our goal is to install a backdoor on the victim's machine so we can access every time we want, to accomplish this thing we will use a bit of social engineering and a malicious pdf. First of all we open SET and select the type of attack, in this case will be a Spear-Phishing attack that allows you to specially craft email messages and send them to a large (or small) number fo people with attached fileformat malicious payload. Our exploit will be Foxit PDF Reader v4.1.1 Title Stack Buffer Overflow with a windows meterpreter reverse https payload set on port 44333. The next step is to craft our e-mail telling that something unusual comes from his computer. E-mail text:   Dear Frank Victim,  To find out what ha