Chapter 19. Client-side Exploitation
"I am good at reading people. My secret, I look for worst in them" - Mr. Robot
We covered coding and performed penetration tests on numerous environments in the earlier chapters; we are now ready to introduce client-side exploitation. Throughout this and a couple of more chapters, we will learn about client-side exploitation in detail.
Throughout this chapter, we will focus on the following topics:
- Attacking the target's browser
- Sophisticated attack vectors to trick the client
- Attacking Linux with malicious packages
- Attacking Android and Linux filesystems
- Using Arduino for exploitation
- Injecting payloads into various files
Client-side exploitation sometimes require the victim to interact with the malicious files, which makes its success dependable on the interaction. These could be interactions such as visiting a malicious URL or downloading and executing a file. This means we need the help of the victims to exploit their systems successfully. Therefore, the dependency...