how to embed exe file to pdf?

  • Im trying to embed exe file to pdf for case study.

    I try using metasploit exploits for this but i can only embed shellcodes with this method.

    I know there is a way to embed exe file but i cant find one

    Suggestions?

    Thanks.

    First off, are you sure that embedding an exe in a PDF is possible? Do you have a source for wanting to go in this direction?

    i know there is binders that can make it work but i cant find good one

    Define what you mean by 'embedding'. If you want to just hide an exe, that is different than making the exe run when the pdf is opened.

    embedding its better but if i cant do it so bind exe to pdf its ok too

    @kobiperetzz, just so we are clear, you want to just add the exe file to the pdf right?

    Embed exe can only work with Adobe Reader 9.x and 8.x (noted in the module source as well). If you bind the executable with the PDF, the resultant file will be an executable.

  • If all you are wanting to do is add an exe (or any file) to a pdf (or any file) then you can simply add your file to what is called 'slack space'. There are tools out there that do this and add many features but you can also do this by hand using a hex editor (like HxD).

    To do this by hand:

    1. open a hex editor.
    2. open your pdf in the editor.
    3. open the exe in the editor (in another window).
    4. copy the exe hex values into the pdf hex values (after pdf file end).
    5. save your new 'pdf', it will still open and operate as a pdf but your exe file will be there as well and you (or anyone) can extract the exe.

    also, you may be interested in embedding javascript in a pdf. This alone is nothing new, but this can be used maliciously...

    Embedding the executable code after the PDF EOF can only hide the code in the PDF file and it won't be executed. I am not sure how it will benefit the OP since he is asking about it for attacking (assuming because of Metasploit).

    That is what I was trying to verify with the OP. You do not simply `embed` exe's so I assumed the OP is asking for just how to hide the data... hehe

    Hence my very first question in the comments. The OP is very unclear about what he wants to do.

  • My quick research suggests that with the metasploit framework, you can use the download+exec shellcode to download and execute your code.

    I wouldn't doubt that you could "download" the executable from the embedded code in the PDF (from Matthew Peters's answer), and execute it once it has been extracted.

License under CC-BY-SA with attribution


Content dated before 7/24/2021 11:53 AM

Tags used