I found this tutorial in the hackingtutorial website, works great:
Table of Contents
Requirements :
2. Operating System Windows or Linux (In Backtrack 5, metasploit already included inside)
3. social engineering toolkit
Step By Step :
1. Open your console/terminal (CTRL+ALT+T) and then change your working directory to/pentest/exploits/set.
cd /pentest/exploits/set
2. Run your Social Engineering Toolkit using ./set command.
3. Choose number 3 Infectious Media Generator, and then for the next step you can choose File-Format Exploits because we won’t use straight executables exploit.
Enter IP Address for Reverse Connection –> fill in with your IP Address(Attacker IP Address)
4. Select the file format exploit you want :
Actually you can choose what exploit you want to use, but in this case I’m using the default one number 11 “Adobe PDF EXE Social Engineering”
5. The next option is choose your PDF.
If you have your own PDF it was better, maybe you can use something that interest another people curious to open it, in this case I’m using my PDF Algebra-Final-Exam.pdf because I think it was really interesting file name
You also can leave this option blank to use blank PDF attack, but I think it’s better to use your own PDF so you can measure your victim.
6. The next step you need to choose which payload you want to use. As usual I like to choose Meterpreter reverse TCP payload
7. Enter the port to conneck back on. In this step, I choose port 80 because port 80 was magic port that always allowed by firewall
There should be a question “Do you want to create a listener right now? [yes|no]” choose YES.
Open new console/terminal (CTRL+ALT+T) and check your file inside autorun folder(see picture below) :
There’s two file autorun.inf and template.pdf inside the folder. If you see the filename, it’s not impossible the victim suspicious to that file because the name was really awful .
8. Let’s change a little bit the autorun.inf and template.pdf to make it more friendly
Change your working directory to autorun folder
cd /pentest/exploits/set/autorun
9. Do the following command :
pico autorun.inf
10. Inside autorun.inf, change the template.pdf to your desired file name :
[autorun] open=Algebra-Final-Exam.pdf icon=autorun.ico
then press CTRL to save and CTRL + X to exit.
To rename the PDF into our desired filename, do the following command :
mv template.pdf Algebra-Final-Exam.pdf
It’s finish now, and you should copy the content to your USB.
9. When the victim plug our malicious USB and the autorun working (view previous tutorial on step 5), we have their shell now
PWNED!
Countermeasure :
1. Use firewall to detect inbound or outbound traffic…(remember : antivirus is not enough)
2. If there’s an error message, read it carefully.
3. Turn off your autorun/autoplay (see tutorial here how to do that).
I hope you liked this article, please feel free to leave comments or ask questions.
1. Geek-KB.com does not encourage, condone, or orchestrate attempts to hack into other servers or any other illegal activities. The articles contained inside this website are for entertainment / educational purposes only, and what actions people decide to take outside of this website are strictly independent of Geek-KB.com. We are not responsible if you break the law using techniques listed on this website.
2. Geek-KB.com has the sole discretion to remove/edit users, articles, external resources, or any other user-submitted content to protect itself from legal harm. This legal disclaimer may be modified at any time without notice.
3. Any damage caused by using any of the techniques taken from https://www.geek-kb.com is on your own responsibility, Use it at your own risk!
No Comments Yet