Home / Unlabelled / Bad-Pdf - Steal NTLM Hashes With A PDF From Windows Machines

Bad-Pdf - Steal NTLM Hashes With A PDF From Windows Machines

Bad-PDF create malicious PDF to steal NTLM Hashes from windows machines, it utilize vulnerability disclosed by checkpoint team to create the malicious PDF file. Bad-Pdf reads the NTLM hashes using Responder listener.

This method work on all PDF readers(Any version) and java scripts are not required for this attack.

Reference : https://research.checkpoint.com/ntlm-credentials-theft-via-pdf-files/

Dependency:
Responder/Kali Linux

Usage:

python badpdf.py

Run Bad-PDF in Kali linux:

Responder waiting for NTLM hash:

Run generated Bad-PDF file on a windows machine and get NTLM hash: :)

Author : Deepu twitter.com/DeepZec

Download Bad-Pdf

Via: feedproxy.google.com

Bad-Pdf - Steal NTLM Hashes With A PDF From Windows Machines

Reviewed by Anónimo on 17:44 Rating: 5

Hacking Land - Hack, Crack and Pentest

Bad-Pdf - Steal NTLM Hashes With A PDF From Windows Machines

Most Popular

Blog Archive

Recommended

Total Pageviews