File format-based exploitation
We will be covering various attacks on the victim using malicious files in this section. Therefore, whenever this malicious file runs, it sets the attacker, the meterpreter shell or the command shell, onto the target system. However, you will find these methods in an automated mode in the next few chapters where we will be talking specifically about social engineering methods and tricking the victim into the trap. However, let's concentrate on the manual attack techniques first.
PDF-based exploits
PDF file format exploits are those that create malicious PDF files, which when run on the victim's system, will give the attacker complete access to the target system in the form of a meterpreter shell. But before getting our hands onto the technique, let's see what vulnerability we are targeting and what the environment details are:
|
Test cases |
Description |
|---|---|
|
Vulnerability |
Stack overflow in uniquename from the Smart Independent Glyplets (SING) table |
|
Exploited on operating... |
