Skip to content

HACKING – How to convert cmd.exe into a PDF


Reblogged from one of the three hacking blogs based at the University of South Wales.

How to convert cmd.exe into a PDF.

Paste in the header for PDF into cmd.exe (this is the static file header in software development or termed the magic number in Forensics).

The document may now pass forensics examination as a PDF.
But will launch a Windows Command Prompt.

Take care with your PDF’s.  This is why you are advised to be careful, about where you download from.

The Krypt

Document files and PDFs as a method of inserting exploits are one of the common features across publicly-disclosed targeted attacks, with the non-targeted incidents generally involving links to web pages hosting malicious code. Here I’m focussing on what appears the very first stage of a typical targeted attack (after the recce and intel gathering).

Technical Background
An OS must be capable of identifying different file types, in order to know which application to process it – when the user clicks on a .doc file, the OS just knows to open it with LibreOffice or Microsoft Word. What the user then has is a running application and a file loaded into memory – the process either linking to the file’s data structure or loading it into its address space.

The other concept to understand is the role of file extensions. We give a Word document the .doc extension purely to identify…

View original post 956 more words

Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: