Chapter 4. Client-side Exploitation and Antivirus Bypass
In this chapter, we will cover:
- Internet Explorer unsafe scripting misconfiguration vulnerability
- Internet Explorer recursive call memory corruption
- Microsoft Word RTF stack buffer overflow
- Adobe Reader
util.printf()
buffer overflow - Generating binary and shellcode from
msfpayload
- Bypassing client-side antivirus protection using
msfencode
- Using
killav.rb
script to disable antivirus programs - A deeper look into the
killav.rb
script - Killing antivirus services from the command line
Introduction
In the previous chapter, we focused on penetration testing the target operating system. Operating systems are the first level of penetrating the target because an unpatched and outdated operating system can be easy ...
Get Metasploit Penetration Testing Cookbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.