n-quire Posted December 4, 2015 Share Posted December 4, 2015 (edited) Does anyone know a good way to change the signature of the metasploit "adobe_pdf_embedded_exe_nojs" exploit to get it past antivirus? I'm trying to copy the exploited PDF onto my test PC but the AV blocks it (BLOODHOUND.PDF.24). I can successfully avoid the AV with a venom tweaked reverse_tcp EXE, but can't figure out how to do the same with a PDF. (I can't even find the code for the exploit - I would expect it in the exploits\CVE2010-1240 folder) I'm using my tweaked reverse_tcp as the exe in the pdf. The exe gets past the AV without any problems. So the problem must be with the adobe_pdf_embedded... exploit. Has anyone managed to do this? Any advice or better ideas? I'm not fussed about the actual exploitation of the PC at this stage. I trying to learn how to dodge the antivirus. Edited December 4, 2015 by n-quire Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.