Bad-Pdf - Steal NTLM Hashes With A PDF From Windows Machines
Bad-PDF create malicious PDF to steal NTLM Hashes from windows machines, it utilize vulnerability disclosed by checkpoint team to create the malicious PDF file. Bad-Pdf reads the NTLM hashes using Responder listener.
This method work on all PDF readers(Any version) and java scripts are not required for this attack.
Dependency:
Responder/Kali Linux
Usage:
python badpdf.py
Run Bad-PDF in Kali linux:
Responder waiting for NTLM hash:
Run generated Bad-PDF file on a windows machine and get NTLM hash: :)
Author : Deepu twitter.com/DeepZec
Bad-Pdf - Steal NTLM Hashes With A PDF From Windows Machines
Reviewed by Zion3R
on
5:40 PM
Rating: