Hey folks, today we are going to talk about the tool that can easily add malicious payloads within the .PDF extension files and after which you can easily access any system. As we know it is prohibited to execute malicious payloads inside the window defender system, hence we will send our payload through the PDF files.


Kali Linux = Attacker
Window 10 = Victim ( Tested On )

Lets take a look 🙂 !!


The EvilPDF tool is specifically designed to embed payloads inside PDF files. It is an open source tool hosted on the github page that we will download using the wget command.

It require some additional features that we can download using the following command.

Now we can use this tool using the given command.

In the image below you have to change these options. Also you do not need to change other options.

Lhost = { Your Locahost Address }
Lport = { Any Which You Want 0-65535 }
Exe File Name = { As Your Requirement }

We will use the php code below which will help us in extending our payload to vicitm.
Usage 🙂 php -S < Your Lhost > : < Your Lport >

First victim will download our zip file and then open the PDF file.

As soon as vcitim opens the PDF file, the payload will be automatically downloaded on that system and as you remember we created a payload named “adobe_update” which will be downloaded by the victim as a software update.

As soon as victim executes the payload, you will have full access of that system immediately.

If you want to take the access of that system as meterpreter so you can use the metasploit framework.

About the Author
Shubham Goyal Certified Ethical Hacker, information security analyst, penetration tester and researcher. Can be Connect on Linkedin.

9 thoughts on “Embed Payload (Exe) into a PDF Documents – EvilPDF”

  1. Your Posts are awesome. I want to know that, just like this how to embed payload APK file in PDF ? Make post on that if you not done that already.

Leave a Reply

Your email address will not be published. Required fields are marked *