Added: 2 years ago
From: SocialEngineerOrg
Views: 4,309
All Comments (13)

  • nice copy video

    

  • For a reverse connection you are correct... no need for the vic IP. But for bind you would need to know so you can connect. Sorry if I misspoke.

  • Thanks.. I've tried rebooting the vm's, I will try another port next. Also I noticed you said you must know the IP of the victim machine? Why is that if you're simply doing a reverse connection? As long as you can get the pdf to the victim machine, whether it be email, ftp, etc. I don't see why you would actually need to know their IP address. Plz correct me if I'm mistaken.

    Thanks dude

  • Hey bro try rebooting the VM - once this is used it sometimes borks the system. Or change the listening port... but that means new shellcode.

  • Nice vid man, one question: the first time I did this, it worked, but now I get:

    root@bt:~# nc -lvp 443

    listening on [any] 443 ...

    192.168.88.200: inverse host lookup failed: Unknown server error : Connection timed out

    connect to [192.168.88.133] from (UNKNOWN) [192.168.88.200] 1076

    I don't have another machine running XP right now in my lab, but I'm guessing the inverse lookup error has to do with it being a NAT'd virtual machine. Both VMs have hostnames & are on 192.168.88.0

    Any suggestions? Thanks

  • Nice video. Now tell how do I get free chicks? Subscribed with hope...

    Also this whole SE framework/toolkit idea thing is really cool.

    It's difficult to patch human vulnerabilities.

    The largest cash robbery in UK was only possible because of the weakness in the human aspect of the security. They got away with 54 million pounds in untraceable bank notes ($81 million). They got caught weeks later also because of the weak human aspect of security, but this time it was their own security.

    Peace. Y'all

  • Yes you must know the IP address of the victim.

    Music is Infected Mushroom

  • In this example the attacker has to know the IP of the victim, right?

    (By the way, does anyone know what that mix in this video is?)

  • @belmond500 no, he needs to know just how to forward a port on his home router and send the PDF by email; when the victim opens it, it tries to back-connect. It's quite simple.

  • I'm a preventative enthusiast, and that was simply amazing! Great video; 5 stars!

  • Firewall or no, it doesn't matter, as the firewall will not inspect the PDF. You may want to use a standard port for the reverse shell though. Like 80

  • It's OK if the recipient's win32 system has no firewall...

  • Thanks, 5 stars for you :)
