Archived content in the process of being refreshed.
Metadata is not the only place we can harvest useful intelligence from within a PDF. As you will see in this module, incremental updates can expose prereleases of the finalized document that may unintentionally disclose additional sensitive information. We will also explore how common data hiding techniques have failed in the past and extract sensitive information from these real-life data disclosure incidents. If this wasn't enough, we will also walk through removing document restrictions such as those that prevent the editing, copying, printing, and saving of a PDF. Last but definitely not least, we will use a tool to perform brute-force attacks to crack the password protection mechanism used to restrict PDF file access.
Now that we are fairly familiar with the PDF Launch action, it's time to experiment with it. In this learning module you will learn how to manipulate the default warning message box presented to your victim, evade the security patch released by Adobe in version 9.3.3 to disable the PDF Launch action, and begin to pass interesting parameters to the Windows Command Interpreter (cmd.exe). Abusing the Launch action can be fun, and by the end of this learning module it is our hope that you will begin to generate your own personalized attack scenarios utilizing this built-in feature of the PDF specification.
The fundamental principle for attacking server services, such as messaging, is understanding the language they speak. To understand this language we need to study the protocols these servers use, such as SMTP. We can do this by moving up the stack to layer 7, the application layer, where these server protocols live and operate. Think of server protocols just as you would think of visiting a foreign country. You are not going to be very effective in a foreign country if you cannot speak the native language, so you learn just enough of it to get by without any major hassles or issues. Look at server protocols the same way: you need to learn and understand the important aspects of a protocol to speak its language and get what you want from it. In this lesson we will learn just enough about the messaging protocols to become effective at attacking them!
The Open Systems Interconnection (OSI) model is a way of defining how networks and communication systems operate. This model defines seven distinct layers that must be fully understood by both attackers and defenders of networks. Within these layers reside protocols that were not designed with security in mind and were developed to fulfill a functionality requirement. We as penetration testers or attackers must understand how different applications and services can be attacked within these different OSI layers. To compromise messaging we don't always have to compromise the application itself, and this lesson will demonstrate how we can compromise messaging by attacking the lower-level network protocols.
RegRipper is an extremely powerful tool used in forensic investigations. It allows you to observe specific information on the drive, including installed programs and previously uninstalled programs, as well as hardware and operating system information. In this lesson you will learn some of the basic features of this tool.