Categories: Kali Linux

Bad-PDF To Steal NTLM Hashes From Windows Machines

Bad-PDF make pernicious PDF to steal NTLM Hashes from windows machines, it use defenselessness revealed by checkpoint group to make the malicious PDF record. Bad-Pdf peruses the NTLM hashes utilizing Responder listener.

This strategy deal with all PDF readers(Any version) and java scripts are not required for this attack.

Reference : https://research.checkpoint.com/ntlm-credentials-theft-via-pdf-files/

Also Read EggShell – Remote Administration Tool For iOS/macOS

Dependency To Steal NTLM Hashes

Responder/Kali Linux

Usage: python badpdf.py

Run Bad-PDF in Kali linux:

Responder waiting for NTLM hash:

Run generated Bad-PDF file on a windows machine and get NTLM hash:

Author : Deepu

R K

Share
Published by
R K
Tags: Bad PDFNTLM HashespdfWindows Machines
7 years ago

Recent Posts

garak, LLM Vulnerability Scanner : The Comprehensive Tool For Assessing Language Model Security

garak checks if an LLM can be made to fail in a way we don't…

1 day ago

Vermilion : Mastering Linux Post-Exploitation For Red Team Success

Vermilion is a simple and lightweight CLI tool designed for rapid collection, and optional exfiltration…

1 day ago

AD-CS-Forest-Exploiter : Mastering Security Through PowerShell For AD CS Misconfiguration

ADCFFS is a PowerShell script that can be used to exploit the AD CS container…

1 day ago

Usage Of Tartufo – A Comprehensive Guide To Securing Your Git Repositories

Tartufo will, by default, scan the entire history of a git repository for any text…

1 day ago

Loco : A Rails-Inspired Framework For Rust Developers

Loco is strongly inspired by Rails. If you know Rails and Rust, you'll feel at…

2 days ago

Monolith : The Ultimate Tool For Storing Entire Web Pages As Single HTML Files

A data hoarder’s dream come true: bundle any web page into a single HTML file.…

2 days ago