Categories: Kali Linux

Bad-PDF To Steal NTLM Hashes From Windows Machines

Bad-PDF make pernicious PDF to steal NTLM Hashes from windows machines, it use defenselessness revealed by checkpoint group to make the malicious PDF record. Bad-Pdf peruses the NTLM hashes utilizing Responder listener.

This strategy deal with all PDF readers(Any version) and java scripts are not required for this attack.

Reference : https://research.checkpoint.com/ntlm-credentials-theft-via-pdf-files/

Also Read EggShell – Remote Administration Tool For iOS/macOS

Dependency To Steal NTLM Hashes

Responder/Kali Linux

Usage: python badpdf.py

Run Bad-PDF in Kali linux:

Responder waiting for NTLM hash:

Run generated Bad-PDF file on a windows machine and get NTLM hash:

Author : Deepu

R K

Share
Published by
R K
Tags: Bad PDFNTLM HashespdfWindows Machines
8 years ago

Recent Posts

How AI Puts Data Security at Risk

Artificial Intelligence (AI) is changing how industries operate, automating processes, and driving new innovations. However,…

4 weeks ago

The Evolution of Cloud Technology: Where We Started and Where We’re Headed

Image credit:pexels.com If you think back to the early days of personal computing, you probably…

1 month ago

The Evolution of Online Finance Tools In a Tech-Driven World

In an era defined by technological innovation, the way people handle and understand money has…

1 month ago

A Complete Guide to Lenso.ai and Its Reverse Image Search Capabilities

The online world becomes more visually driven with every passing year. Images spread across websites,…

1 month ago

How Web Application Firewalls (WAFs) Work

General Working of a Web Application Firewall (WAF) A Web Application Firewall (WAF) acts as…

2 months ago

How to Send POST Requests Using curl in Linux

How to Send POST Requests Using curl in Linux If you work with APIs, servers,…

2 months ago