Categories: Kali Linux

Bad-PDF To Steal NTLM Hashes From Windows Machines

Bad-PDF make pernicious PDF to steal NTLM Hashes from windows machines, it use defenselessness revealed by checkpoint group to make the malicious PDF record. Bad-Pdf peruses the NTLM hashes utilizing Responder listener.

This strategy deal with all PDF readers(Any version) and java scripts are not required for this attack.

Reference : https://research.checkpoint.com/ntlm-credentials-theft-via-pdf-files/

Also Read EggShell – Remote Administration Tool For iOS/macOS

Dependency To Steal NTLM Hashes

Responder/Kali Linux

Usage: python badpdf.py

Run Bad-PDF in Kali linux:

Responder waiting for NTLM hash:

Run generated Bad-PDF file on a windows machine and get NTLM hash:

Author : Deepu

R K

Share
Published by
R K
Tags: Bad PDFNTLM HashespdfWindows Machines
8 years ago

Recent Posts

How AI Puts Data Security at Risk

Artificial Intelligence (AI) is changing how industries operate, automating processes, and driving new innovations. However,…

21 hours ago

The Evolution of Cloud Technology: Where We Started and Where We’re Headed

Image credit:pexels.com If you think back to the early days of personal computing, you probably…

5 days ago

The Evolution of Online Finance Tools In a Tech-Driven World

In an era defined by technological innovation, the way people handle and understand money has…

5 days ago

A Complete Guide to Lenso.ai and Its Reverse Image Search Capabilities

The online world becomes more visually driven with every passing year. Images spread across websites,…

6 days ago

How Web Application Firewalls (WAFs) Work

General Working of a Web Application Firewall (WAF) A Web Application Firewall (WAF) acts as…

1 month ago

How to Send POST Requests Using curl in Linux

How to Send POST Requests Using curl in Linux If you work with APIs, servers,…

1 month ago