Chapter 7. Client-side Exploitation
"I am good at reading people. My secret, I look for worst in them" - Mr. Robot
We covered coding and performed penetration tests on numerous environments in the earlier chapters; we are now ready to introduce client-side exploitation. Throughout this and a couple of more chapters, we will learn about client-side exploitation in detail.
Throughout this chapter, we will focus on the following topics:
Attacking the target's browser
Sophisticated attack vectors to trick the client
Attacking Linux with malicious packages
Attacking Android and Linux filesystems
Using Arduino for exploitation
Injecting payloads into various files
Client-side exploitation sometimes require the victim to interact with the malicious files, which makes its success dependable on the interaction. These could be interactions such as visiting a malicious URL or downloading and executing a file. This means we need the help of the victims to exploit their systems successfully. Therefore, the...