Exe not allowed in Emails - How to bypass?

[flowjob]

Ok,
I wrote a kind of trojan for a 'job' (for me more like training  ) and put it into a self extracting archive with a pdf file with iexpress.exe . Then I edited the source for the icon to change it to the icon of a pdf file and named my exe with a .pdf.exe (because windows hides the .exe part), so it looks (for a not-expert) like a normal pdf file.

But now here's my problem: I have to send this exe to a few guys,but all email hosts like gmx,gmail and hotmail don't allow executeables (even if they're in archives,and they can read almost EVERY archive by now... -,-' ).
So how could I attach this executeable to my mail,so the targets downlaod them asuming they're pdfs,and start them after that?

Or do you know a better way for this than using self extracting archieves?

[centizen]

your only option is to put a password on your RAR file really. but that adds another layer of complexity to your attack. Really, e-mail distribution isn't something you're going to do unless you have an exploit so that you can hide the true nature of your file.

[flowjob]

a password won't always work...   if you read a zip for example,the filenames and paths are plaintext...
don't know if it's the same with rar and 7z, but guess so...

[centizen]

no, not the case. You are able to encrypt everything with rar.

[flowjob]

but that's the next problem. It's already strange that I compess a normal "pdf",and that it is rar instead of the preinstalled zip doesn't help...
If I set a password now too,then they may be suspicious on it...

[The Alchemist]

Perfection isn't achievable so easily..

[Kulverstukas]

RAR's do not encrypt filenames unless you set it to.

[flowjob]

In the end putting it in an archieve is no solution at all,as if someone doubleclicks it, winzip/winrar will open and they'll show the full extensions (e.g. 'myfile.pdf.exe'), so the target would see that the file is an executeable and not a pdf... 

Anyone another idea?

[Kulverstukas]

Well you can craft an exploitable PDF file. AFAIK Adobe has tons of those code execution exploit thingies so if he's running adobe, somehow get to know which version and refer to metasploit to generate a malicious PDF. If successful you might get a remote shell or install whatever you want.

[h4ppy_4rtist]

If you really want to do it per e-mail and you are not able to create this malicious pdf you may try extensions like .cmd, and .scr for your file. Maybe the freemail companies don't filter them I dunno.

[flowjob]

@Kulverstukas
I've already sent the mail (deadline was today),but I still will have a look at that when I have time for it,because it sure'll be useful next time..

@h4ppy_4rtist

If you really want to do it per e-mail and you are not able to create this malicious pdf you may try extensions like .cmd

I think I won't recode that trojan again in batch 

[ca0s]

Are .cab's filtered?

[h4ppy_4rtist]

@h4ppy_4rtistI think I won't recode that trojan again in batch 

I think you don't need to recode it in batch
Just change the extension to cmd and the victims windows computer will try to execute it. Like .scr and so on..

[flowjob]

@h4ppy_4rtist:
I think this won't work,because as I know .cmd is executed by cmd.It executes the batch command for command,but a .exe does not contain a command list,but some compiled stuff wich can't be read by cmd as far as I know.

@ca0s
I'll try it with .cab next time too

[h4ppy_4rtist]

Give it a try, for me it worked very often with XP / Vista / 7 ^^