Hello,
I am about to give a demonstration of how an attacker can take an existing PDF document and attach a payload to it.
One alternative that I've got is to use the embedded-exe-exploit, but that is not what I would like. I would like the reader to render a correct document after being sploited. Is this doable in metasploit (with perhaps some kind of after-execution-script?)?
Cheers, Alex
You will demonstrate something that you do not understand?
"I am about to give a demonstration of how an attacker can take an existing PDF document and attach a payload to it."
One of the topics contains your answer!
Client Side Exploits
Regards,
(gdb) disass m(y_br)ain
To be successful here you should read all of the following.
ForumRules
ForumFAQ
If you are new to Back|Track
Back|Track Wiki
Failure to do so will probably get your threads deleted or worse.
Actually I have been reading exactly that online-metasploit-course before and from what I can see it doesn't handle this subject. I will clarify myself:
All the PDF exploits in metasploit (mostly JS) show you a blank PDF or just freeze the reader. An exploit kills the process, there is nothing strange about that. And there is this embedded-exe-exploit which is kind of obvious. "Save this document, ignore the strange pop-up (decrypt the pdf) and click OK".
You can't know everything in the IT-sec-field. You have to focus in some areas. That is my opinion. I haven't had this exploit focus but I would like to know how this can be done. I have no problems in demonstrating how easy it is to develop a PDF exploit but it would be interesting to know what methods are most commonly used when the Adobe reader crashes and restarts with an adequate document?
Yes, I'm an amateur when it comes down to PDF exploits, that's why I posted in the beginners thread.
You should check out Didier Stevens' blog.
This is true, which is why you should demonstrate something within your area of focus.
"You can't know everything in the IT-sec-field. You have to focus in some areas. That is my opinion."
I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.
I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.
You are absolutely right.
I will hereby never try to learn anything new.
No one said you should not learn, they merely pointed out you are trying to demonstrate something about which you obviously know nothing.
That's about as bright as a car mechanic trying to demonstrate a heart transplant. I mean it's all the same, right? Open the body up, take out the bad part, put in a new one, and you're set.