Presentation is loading. Please wait.

Presentation is loading. Please wait.

Week 6-1 Week 6: Trojans and Backdoors What is a Trojan Horse? Overt and Covert.

Published byCaitlin Gardner Modified over 9 years ago

Similar presentations

Presentation on theme: "Week 6-1 Week 6: Trojans and Backdoors What is a Trojan Horse? Overt and Covert."— Presentation transcript:

1 Week 6-1 Week 6: Trojans and Backdoors What is a Trojan Horse? Overt and Covert

2 Week 6-2 Week 6: Trojans and Backdoors Hacking Tool: QAZ Hacking Tool: Tini Hacking Tool: Netcat

3 Week 6-3 Netcat in Action as Backdoor Remote command prompt anyone? On a Windows NT server issue the following command in the directory that contains netcat: nc -l -p1234 -d -e cmd.exe –L This –l puts netcat into listen mode, the -p1234 tells netcat to use port 1234, the –d allows netcat to run detached from the console, the –e cmd.exe tells netcat to execute the cmd.exe program when a connection is made, and the –L will restart Netcat with the same command line when the connection is terminated. On the client system issue the following command: nc destination 1234 This command causes netcat to connect to the server named destination on port 1234. Immediately you are given a console connection to the destination server. Be careful! To exit the remote console session type: exit You will be returned to your own console and will be able to reconnect to the destination server because netcat was started on the destination server with the –L option.

4 Week 6-4 Week 6: Trojans and Backdoors Hacking Tool: Donald Dick Hacking Tool: SubSeven Hacking Tool: BackOrifice 2000 Back Oriffice Plug-ins

5 Week 6-5 Back Orifice 2000 Can be used as a Network Administrator to remotely configure its system. It can also be used as a Trojan/Backdoor by attackers. Can run on any filename, Uses TCP port 54320 and UDP 54321 by default but can use any other port. Can disguise itself as Explorer.exe. Can use Strong Encryption. Open Source. Countermeasure:BackOfficer Friendly (nfr.net/products/bof)

6 Week 6-6 Some BO2K Plugins BOPeep- provides streaming video of the victim’s screen to attacker. Encryption- Blowfish, CAST-256, IDEA, RC6 (stronger than most commercial systems) BOSOCK32- Stealth capabilities using ICMP STCPIO- stealth using encrypted flow between BO2K GUI and server.

7 Week 6-7 Week 6: Trojans and Backdoors Hacking Tool: NetBus Wrappers

8 Week 6-8 Week 6: Trojans and Backdoors Hacking Tool: Graffiti Hacking Tool: Silk Rope 2000 Hacking Tool: EliteWrap Hacking Tool: IconPlus

9 Week 6-9 Week 6: Trojans and Backdoors Packaging Tool: Microsoft WordPad Hacking Tool: Whack a Mole

10 Week 6-10 Week 6: Trojans and Backdoors Trojan Construction Kit BoSniffer Hacking Tool: FireKiller 2000

11 Week 6-11 Week 6: Trojans and Backdoors Covert Channels ICMP Tunneling Hacking Tool: Loki

12 Week 6-12 Week 6: Trojans and Backdoors Reverse WWW Shell Backdoor Countermeasures

13 Week 6-13 Week 6: Trojans and Backdoors BO Startup and Registry Entries NetBus Startup and Registry Keys

14 Week 6-14 Week 6: Trojans and Backdoors Port Monitoring Tools fPort (foundstone.com) TCPView ( http://www.sysinternals.com/ntw2k/source/ tcpview.shtml) Process Viewer

15 Week 6-15 Week 6: Trojans and Backdoors Inzider - Tracks Processes and Ports ( www.sans.org/y2k/finding.htm ) Trojan Maker

16 Week 6-16 Week 6: Trojans and Backdoors Hacking Tool: Hard Disk Killer Man-in-the-Middle Attack Hacking Tool: dsniff

17 Week 6-17 Week 6: Trojans and Backdoors System File Verification TripWire (tripwire.com, tripwire.org)

18 Week 6-18 Week 6: Trojans and Backdoors Summary

Download ppt "Week 6-1 Week 6: Trojans and Backdoors What is a Trojan Horse? Overt and Covert."

Similar presentations

© 2003, Cisco Systems, Inc. All rights reserved..

© 2003, Cisco Systems, Inc. All rights reserved..
Backdoors, Trojans and Rootkits CIS 413 This presentation is an amalgam of presentations by Mark Michael, Randy Marchany and Ed Skoudis. I have edited.

Backdoors, Trojans and Rootkits CIS 413 This presentation is an amalgam of presentations by Mark Michael, Randy Marchany and Ed Skoudis. I have edited.
Backdoors A backdoor is a program that allows attackers to bypass normal security controls on a system, gaining access on the attacker’s own terms.

Backdoors A backdoor is a program that allows attackers to bypass normal security controls on a system, gaining access on the attacker’s own terms.
KULIAH III THREAT AND ATTACK (2) Aswin Suharsono KOM 15008 Keamanan Jaringan 2012/2013 KOM 15008 Keamanan Jaringan 2012/2013.

KULIAH III THREAT AND ATTACK (2) Aswin Suharsono KOM Keamanan Jaringan 2012/2013 KOM Keamanan Jaringan 2012/2013.
WARNING ! The system is either busy or has been unstable. You can wait and See if it becomes available again, or you can restart your computer. *

WARNING ! The system is either busy or has been unstable. You can wait and See if it becomes available again, or you can restart your computer. *
Trojans, Backdoors, Rootkits Viruses, and Worms

Trojans, Backdoors, Rootkits Viruses, and Worms
Operating and Configuring Cisco IOS Devices © 2004 Cisco Systems, Inc. All rights reserved. Operating Cisco IOS Software INTRO v2.0—8-1.

Operating and Configuring Cisco IOS Devices © 2004 Cisco Systems, Inc. All rights reserved. Operating Cisco IOS Software INTRO v2.0—8-1.
CAT TELECOM Security Awareness Training Rott Adsadawuttijaroen & Tanan Satayapiwat Trojans and Backdoors Module Objective Terms of reference for various.

CAT TELECOM Security Awareness Training Rott Adsadawuttijaroen & Tanan Satayapiwat Trojans and Backdoors Module Objective Terms of reference for various.
ITP 457 Network Security Network Hacking 101. Hacking Methodology (review) 1. Gather target information 2. Identify services and ports open on the target.

ITP 457 Network Security Network Hacking 101. Hacking Methodology (review) 1. Gather target information 2. Identify services and ports open on the target.
Trojan Horse Program Presented by : Lori Agrawal.

Trojan Horse Program Presented by : Lori Agrawal.
Mike Ware 11/30/04 A Trojan Report and Analysis of BO2K, NetBus 1.7, and Sub7 Legends.

Mike Ware 11/30/04 A Trojan Report and Analysis of BO2K, NetBus 1.7, and Sub7 Legends.
Backdoors and Remote Access Tools Roy INSA Laboratory.

Backdoors and Remote Access Tools Roy INSA Laboratory.
11 ADMINISTERING MICROSOFT WINDOWS SERVER 2003 Chapter 2.

11 ADMINISTERING MICROSOFT WINDOWS SERVER 2003 Chapter 2.
SMS Remote control Tool - Unleashed Oren Zippori Team Computers Israel System Management User Group.

SMS Remote control Tool - Unleashed Oren Zippori Team Computers Israel System Management User Group.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
Enumeration. Local IP addresses Local IP addresses (review)  Some special IP addresses  localhost 127.0.0.1 (loopback address)  Internal networks 

Enumeration. Local IP addresses Local IP addresses (review)  Some special IP addresses  localhost (loopback address)  Internal networks 
Information Networking Security and Assurance Lab National Chung Cheng University Backdoors and Remote Access Tools INSA Laboratory.

Information Networking Security and Assurance Lab National Chung Cheng University Backdoors and Remote Access Tools INSA Laboratory.
Remote Desktop Security Raghav Chawla, Jon Ussery Group 20.

Remote Desktop Security Raghav Chawla, Jon Ussery Group 20.
Terminal Server © N. Ganesan, Ph.D.. Reference Thin-Client Concept Thin-Client concept tutorial.

Terminal Server © N. Ganesan, Ph.D.. Reference Thin-Client Concept Thin-Client concept tutorial.
Installing Windows XP Professional Using Attended Installation Slide 1 of 41Session 2 Ver. 1.0 CompTIA A+ Certification: A Comprehensive Approach for all.

Installing Windows XP Professional Using Attended Installation Slide 1 of 41Session 2 Ver. 1.0 CompTIA A+ Certification: A Comprehensive Approach for all.

Similar presentations

Ads by Google