Exploiting without use of files

Question

I have already read many articles about exploits and also tried to test some on my second PC. I know that the key of using exploits is to upload a payload to the victim which then gets executed (as the instruction pointer got manipulated)

My question is: Is it possible to use exploits for loading payloads to the victim without the need of opening an already malicious file on that computer?

I am asking this because all I read about in the internet was about sending emails with malicious files which then get opened by the victim in order to make the victim's PC communicate with the attacker's PC to make the magic happen.

score 0 · Answer 1 · edited Feb 17 '17 at 15:57

0

There are many ways of exploiting. It is usually running code on the device. But there are also a lot of other ways. The malicious code can be started by the user, but there are more indirect ways. Stagefright for example (user just views a picture). Some ATMs in Germany could be hacked by blocking the card on the output. And so on...

edited Feb 17 '17 at 15:57

Jonathan Leffler

730,956
141
904
1,278

answered Jun 23 '16 at 20:01

Jonas Wilms

132,000
20
149
151

Ok thanks for your answer but if I understood you right viewing a picture is also a malicious file executed by the user (victim) isn't it? – TheGuy13 Jun 23 '16 at 20:14
It was enough to send an mms to somebody. – Jonas Wilms Jun 23 '16 at 20:41

Exploiting without use of files

1 Answers1