tailieunhanh - Seven Deadliest Microsoft Attacks phần 8

là tạo ra một tài khoản địa phương với một mật khẩu mạnh trong Windows và sau đó thêm tài khoản đó đến vai trò quản trị hệ thống trong bảo mật SQL Server. Một khi điều này được thực hiện, bạn sẽ cần để đăng nhập vào Windows với tài khoản đó và xóa các tài khoản quản trị | Dangers Associated with Macros and ActiveX 97 some of them should open your eyes to what the reality is as far as macro attack capabilities are concerned. The real danger associated with macro and other client-side attacks is understanding that many of the attacks can easily be launched with little knowledge of how the attack works. In addition the typical target for a macro attack is your common computer user who may not be fully aware of the dangers that exist today. Successful attacks can lead to total compromise of a network or simply provide the foothold an attack needs to make further attacks. Scenario 1 Metasploit Reverse TCP Connection Most organizations today deploy the Microsoft Office suite programs to enable employees to complete business-related tasks however our attacker has some other plans for leveraging the functionality of Microsoft Office. As time passes and tools become more robust the capability to exploit vulnerable systems comes easier for both penetration testers and attackers alike. This first scenario uses the extremely popular Metasploit Framework Microsoft Office and a dash of imagination to stir up a recipe for disaster. Metasploit has the capability of generating a variety of payloads that penetration testers and attackers can use against target systems. In this scenario the attacker decides he wishes to perform an attack against an unsuspecting victim in an attempt to gain control over the victim s operating system. Leveraging the knowledge of how macro exploits operate our attacker uses Metasploit Visual Basic payloads to generate a macro that may be added to almost any Microsoft Office product. Metasploit has the capability to create payloads that most antivirus vendors will not even detect. During the writing of this chapter the malicious e-mail and file was checked against 41 virus scanners and none detected the malicious payload. The following block of code represents the attacker creating the VBA code that .

TỪ KHÓA LIÊN QUAN