Thread: Three questions about spear phishing and the java attacks.

  1. #1
    Just burned his ISO
    Join Date
    Aug 2010

    Three questions about spear phishing and the java attacks.


    While I am not a sysadmin and do not know much about security, I am partially responsible for operating the smallish network of my company. As such I find Backtrack to be very educational and also somewhat frightening!

    I want to ask three questions about the effectiveness of spear-phishing and the Java download attack. I have watched the video posted at IronGeek's site which suggests that these attacks are very simple. However, in "the wild" would they work so well?

    First, as I understand it, with both the unencoded executable payload inside the .pdf file and the Java download of the encoded payload, the remote shell can execute properly for Windows, OSX, and Linux OSs. The video stated that the Java download worked for all three and I assume the same is true for the payloads pretending to be a .pdf, but can someone please confirm?

    Second, I might well have thought the payloads inside the .pdf would be detected by AV software since, unlike the remote shells used in the Java download, they are not encoded. So how effective can sending the .pdf by e-mail really be if the payload is unencoded?

    Third, each exploit makes a direct connection between the victim and the IP of the attacker. Does this mean that when the victim first clicks on the .pdf, the attacker has to be listening? What happens if the attacker is offline? Does the payload stay in memory (including after reboots) on the target's machine and always look to make a connection to the attacker's static IP irrespective of whether it finds it?

    Thank you - I would like to learn more about this particular attack since it seems so easy and I wonder if there are not "real world" issues with its implementation.

  2. #2
    Just burned his ISO
    Join Date
    Jan 2010

    Re: Three questions about spear phishing and the java attacks.

    Check out the Social-Engineer Toolkit ( - The home of David Kennedy (ReL1K)); it does everything for you and works.
