Chapter 4. Client-side Exploitation and Antivirus Bypass
In this chapter, we will cover:
- Internet Explorer unsafe scripting misconfiguration vulnerability
- Internet Explorer recursive call memory corruption
- Microsoft Word RTF stack buffer overflow
- Adobe Reader
util.printf()
buffer overflow - Generating binary and shellcode from
msfpayload
- Bypassing client-side antivirus protection using
msfencode
- Using
killav.rb
script to disable antivirus programs - A deeper look into the
killav.rb
script - Killing antivirus services from the command line
Introduction
In the previous chapter, we focused on penetration testing the target operating system. Operating systems are the first level of penetrating the target because an unpatched and outdated operating system can be easy ...
Get Metasploit Penetration Testing Cookbook now with O’Reilly online learning.
O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.