Client Side Exploitation ...........................................................................................197

xiv
◾ 
Contents
E-Mails with Malicious Attachments ....................................................................198
Creating a Custom Executable ......................................................................198
Creating a Backdoor with SET .....................................................................198
PDF Hacking ...............................................................................................201
Introduction ...................................................................................................................201
Header .................................................................................................................. 202
Body ..................................................................................................................... 202
Cross Reference Table ........................................................................................... 202
Trailer ................................................................................................................... 202
PDF Launch Action ....................................................................................................... 202
Creating a PDF Document with a Launch Action ......................................................... 203
Controlling the Dialog Boxes ............................................................................... 205
PDF Reconnaissance ............................................................................................ 205
Tools of the Trade .......................................................................................................... 205
PDFINFO ............................................................................................................ 205
PDFINFO “Your PDF Document” ............................................................. 206
PDFTK ................................................................................................................ 206
Origami Framework ...................................................................................................... 207
Installing Origami Framework on BackTrack ................................................................ 207
Attacking with PDF ....................................................................................................... 208
Fileformat Exploits ............................................................................................... 208
Browser Exploits ................................................................................................... 208
Scenario from Real World .............................................................................................. 209
Adobe PDF Embedded EXE ...........................................................................................210
Social Engineering Toolkit ..............................................................................................211
Attack Scenario 2: E-Mails Leading to Malicious Links ........................................213
Credential Harvester Attack ...........................................................................................214
Tabnabbing Attack .........................................................................................................215
Other Attack Vectors ......................................................................................................216
Browser Exploitation .......................................................................................................217
Attacking over the Internet with SET .............................................................................217
Attack Scenario over the Internet ....................................................................................217
Using Windows Box as Router (Port Forwarding) ......................................................... 220
Browser AutoPWN ............................................................................................... 220
Why Use Browser AutoPWN? ........................................................................................221
Problem with Browser AutoPWN ...................................................................................221
VPS/Dedicated Server ................................................................................................... 223
Attack Scenario 3: Compromising Client Side Update ......................................... 223
How Evilgrade Works .................................................................................................... 223
Prerequisites ................................................................................................................... 223
Attack Vectors ...................................................................................................... 223
Internal Network Attack Vectors .......................................................................... 223
External Network Attack Vectors ......................................................................... 224
Evilgrade Console ................................................................................................. 224
Attack Scenario..................................................................................................... 224
Attack Scenario 4: Malware Loaded on USB Sticks .............................................. 227

Contents
◾ 
xv
Teensy USB ................................................................................................................... 229
Conclusion ..................................................................................................................... 229
Further Reading ............................................................................................................ 229

Yüklə 22,44 Mb.

Dostları ilə paylaş: