Exploit vector

Purpose

Compiling creates an installer which, when opened on the target device, exploits the vulnerability of a specific program. Different behaviors may be experienced, depending on the specific Exploit (i.e. the running program is aborted).

Desktop device installation

The installer is created and the packet of utility files is automatically saved in the folder . These files may be used in many types of attacks (i.e.: via link from a website).

Mobile device installation

The installer must be copied to the device and install.sh run from the copied folder.

IMPORTANT: the device must be unlocked.

The packet of utility files is automatically copied to the folder . These files may be used in many types of attacks (i.e.: via link from a website).

Example of installer copy command on the iOS device

mymac>scp –r ./RCS_IPHONE root@myiphone.local.net:/tmp

mymac>ssh root@myiphone.local.net

myiphone>cd /tmp/RCS_IPHONE

myiphone>sh install.sh

Deleting no longer used files

Packets saved in the folder can be deleted using the File Manager function, in System, Frontend section.

Parameters
Name Description
File type Type of file to be infected (i.e.: .PDF).
Select an Exploit Full application name used by the target to open the file (i.e.: Adobe Acrobat Reader 10).

URL

Document

...

Settings that identify the file to be infected.

URL: connection to an Anonymizer where the installer was saved.

Document: to select the file to be infected.