HACKING – How to convert cmd.exe into a PDF
Reblogged from one of the three hacking blogs based at the University of South Wales.
How to convert cmd.exe into a PDF.
Paste in the header for PDF into cmd.exe (this is the static file header in software development or termed the magic number in Forensics).
The document may now pass forensics examination as a PDF.
But will launch a Windows Command Prompt.
Take care with your PDF’s. This is why you are advised to be careful, about where you download from.
Document files and PDFs as a method of inserting exploits are one of the common features across publicly-disclosed targeted attacks, with the non-targeted incidents generally involving links to web pages hosting malicious code. Here I’m focussing on what appears the very first stage of a typical targeted attack (after the recce and intel gathering).
An OS must be capable of identifying different file types, in order to know which application to process it – when the user clicks on a .doc file, the OS just knows to open it with LibreOffice or Microsoft Word. What the user then has is a running application and a file loaded into memory – the process either linking to the file’s data structure or loading it into its address space.
The other concept to understand is the role of file extensions. We give a Word document the .doc extension purely to identify…
View original post 956 more words