Ethical Hacking and Penetration Testing Guide


If you would like to know more about this tool, visit http://www.pdflabs.com/docs/ pdftk-cli-examples/ Origami Framework



Yüklə 22,44 Mb.
Pdf görüntüsü
səhifə131/235
tarix07.08.2023
ölçüsü22,44 Mb.
#138846
1   ...   127   128   129   130   131   132   133   134   ...   235
Ethical Hacking and Penetration Testing Guide ( PDFDrive )

207
If you would like to know more about this tool, visit http://www.pdflabs.com/docs/
pdftk-cli-examples/
Origami Framework
Origami framework is used for creating and manipulating PDF frameworks. It is one of my favor-
ite tools for creating and experimenting with PDF documents. It makes creating PDF much sim-
pler than any other tool out there.
Installing Origami Framework on BackTrack
By default, Origami framework is not available on BackTrack, so we need to install in order to 
experiment with it. Here is how you can install Origami framework on your BackTrack.
1. First, download Origami framework’s latest release by issuing the following command in 
your console:
wget http://seclabs.org/origami/files/origami-last.tar.gz
2. Next, you need to extract the contents by issuing the following command:
tar xzvf origami-last.tar.gz
3. Congratulations! You have successfully installed Origami Framework. You can find Origami 
Framework in the directory named “
origami-1.0.0-beta1


208
◾ 
Ethical Hacking and Penetration Testing Guide
I would strongly recommend you to get familiarized with this tool if you like to dig deeper into 
this subject.
Attacking with PDF
It’s finally time to attack with PDF. In this section, we will talk about some of the commonly used 
PDF exploits with Metasploit, then we will do it the easy way with the social engineering toolkit.
So without wasting any more time, let’s fire up Metasploit. Once in Metasploit console, type 
in the following command:
Search pdf
This will display all the exploits present in Metasploit with the pattern PDF. Most of the PDF 
exploits in Metasploit work by embedding an exe in the PDF file, making it harder for antivirus 
software or the victim to recognize the malicious file.
The exploits may range from buffer overflows to misuse of the configurations, such as PDF 
launch action discussed earlier. As you can see from the following screenshot that PDF exploits are 
generally been broken down into two categories:
1. Fileformat exploits
2. Browser exploits

Yüklə 22,44 Mb.

Dostları ilə paylaş:
1   ...   127   128   129   130   131   132   133   134   ...   235



Verilənlər bazası müəlliflik hüququ ilə müdafiə olunur ©azkurs.org 2024
rəhbərliyinə müraciət
gir | qeydiyyatdan keç
    Ana səhifə
Stomatologiya
Anesteziologiya
Cərrahlıq
Ginekologiya
Tibb

yükləyin