In this recipe, we will explore how to use Metasploit to perform an attack using the Portable Document Format (PDF) document exploited with the Adobe PDF Embedded module. An Adobe PDF is a highly used standard for transmitting a document to another party. Due to its widespread use, especially because of its business usage, we will attack a user's machine by allowing them to think they are opening a legitimate PDF document from a job applicant.
The following requirement needs to be fulfilled:
A connection to the internal network
Metasploitable running in our hacking lab
Wordlist to perform dictionary attack
Let's begin the process by opening a terminal window: