PDF Reconnaissance
PDF documents can also be used in gathering information about the target. As you already know,
the more information you gather, the more successful a penetration test will be. PDF documents
often contain some very useful metadata, which can be used to perform a wide variety of social
engineering attacks. So let’s begin.
Tools of the Trade
There are a couple of tools you can use to collect metadata from PDF documents, namely metagoofil
and PDFINFO. I would recommend PDFINFO, as metagoofil is quite buggy.
PDFINFO
PDFINFO is a command line Unix-based tool used to gather information about a particular PDF
document. The information includes the operating system, PDF reader version, etc. Now, let’s
begin experimenting with PDFINFO.
We will use the blank.pdf we created in the launch action exercise. So let’s say that we want to
gather information about blank.pdf. All we need to do is to issue the following command in the
console.
Ethical Hacking and Penetration Testing Guide
pdfinfo "Your PDF Document"
Now let’s have a look at what useful information we could gather. In the first line, you can see the
author’s name, “Abdul Rafay Baloch,” which might be very useful to us. Next, we see the most
important line “Microsoft Word 2010”. This might not be of interest to a layperson, but a hacker
is always interested in figuring out how this information can be put to use.
By identifying what PDF software a user has used to generate PDF files, a hacker might be
able to find potential vulnerabilities in that software, or look for some already-discovered
vulnerabilities for that particular version, and can use those vulnerabilities against the target.
Suppose you are pentesting against an organization. Knowing what software the organization
uses for generating PDF files could be helpful to you in carrying out social engineering and other
attacks.
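Added example (not from the book): the same fields can be checked on your own organization's documents before they are published. The shell function below reads pdfinfo output and reports the Author, Creator and Producer fields; the function names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Pre-publication audit of pdfinfo output (added example, not the book's code).
# audit_pdfinfo reads "Key: value" lines as printed by pdfinfo on stdin and
# reports the fields that identify a person or the authoring software.
# Exit status: 1 if any such field is populated, 0 if none is.

audit_pdfinfo() {
    awk '
        {
            # Split on the first colon only; values such as dates contain colons.
            pos = index($0, ":")
            if (pos == 0) next
            key = substr($0, 1, pos - 1)
            val = substr($0, pos + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", val)   # trim the column padding
            if (val == "") next                # empty field leaks nothing
        }
        key == "Author"                       { print "IDENTITY " key ": " val; n++ }
        key == "Creator" || key == "Producer" { print "SOFTWARE " key ": " val; n++ }
        END { exit (n > 0) ? 1 : 0 }
    '
}

# Constructed sample in pdfinfo's output layout, using the values the text
# describes for blank.pdf (the date and PDF version are made up).
sample_output() {
    cat <<'EOF'
Title:          blank
Author:         Abdul Rafay Baloch
Creator:        Microsoft Word 2010
Producer:       Microsoft Word 2010
CreationDate:   Mon Jan  6 10:15:00 2014
Pages:          1
PDF version:    1.5
EOF
}

# Stand-alone run: audit the file named on the command line, or the sample.
if [ "$#" -gt 0 ]; then
    pdfinfo "$1" | audit_pdfinfo || echo "metadata present: scrub before publishing"
else
    sample_output | audit_pdfinfo || echo "metadata present: scrub before publishing"
fi
```
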
PDFTK
PDFTK is another useful tool for generating PDF files, which has multiple functionalities like
combining and compressing PDF files. It’s not very efficient though when compared to Origami
Framework, which could be used to generate PDF files more conveniently.
Client Side Exploitation