Presentation is loading. Please wait.

Presentation is loading. Please wait.

RCS v7 Infection Vectors

Published byCharles Norman Modified over 6 years ago

Similar presentations

Presentation on theme: "RCS v7 Infection Vectors"— Presentation transcript:

1 RCS v7 Infection Vectors

2 Introduction Remote Control System is software, not a physical device
Installation on target device is required It can be installed Remotely: Intelligence information about remote target mandatory. Some vectors require minimal user’s interaction Locally: It requires physical access to target devices Usually very effective © Hacking Team All Rights Reserved

3 PC Installation (1) Remote infection vectors Executable melting tool
Injection Proxy HT Zero-day Exploits portal © Hacking Team All Rights Reserved

4 PC Installation (2) Local infection vectors HT consultancy
Bootable CDROM or USB pen drive Direct hard disk infection by means of tampering with computer case Firewire Port/PCMCIA attacks HT consultancy Anonymous attack scenario analysis E.g., Internet Café using DeepFreeze © Hacking Team All Rights Reserved

5 Mobile Installation Local Infection: Remote Infection: Memory Card
Through an infected PC when connected for synchronization/recharging Remote Infection: CAB/SIS/COD Melting Special crafted SMS (WAP Push) © Hacking Team All Rights Reserved

6 Vectors & Scenarios

7 Melting tool Remote vectors / Desktop
You can melt RCS core with any executable file and: Send it through a spoofed Put it on a fake promotional CD Put it on a U3 USB key ... © Hacking Team All Rights Reserved

8 Injection Proxy(1) Remote vectors / Desktop
“If you can monitor user’s traffic maybe you can be interested in infecting him” ;-) Embeds on-the-fly RCS core into any executable file downloaded by the user any automatic upgrade by common programs any visited web page Embeds on-the-fly exploit code into web pages downloaded documents (.pdf, .ppt, etc.) © Hacking Team All Rights Reserved

9 Injection Proxy(2) Remote vectors / Desktop
Can be used like a passive probe It doesn’t require to be in-line Can be placed into target’s ISP target’s enterprise network target’s WiFi network Fully integrated with RCS Console Comes in two versions Software: smaller networks Hardware: up to Gbs traffic © Hacking Team All Rights Reserved

10 Exploit Portal (1) Remote vectors / Desktop
Contains public, private and 0-day exploits Allows embedding RCS core into common file formats (.pdf, .ppt, etc.) Send through a spoofed Use the Injection Proxy © Hacking Team All Rights Reserved

11 Exploit Portal (2) Remote vectors / Desktop
Allows creation of “infected” web pages Send the URL via , IM, etc. Use in conjunction with Injection Proxy Pages could be hosted by RCS nodes Fully integrated with RCS Console Database always up to date © Hacking Team All Rights Reserved

12 Bootable CD/USB key Local vectors / Desktop
Automatically installs RCS on a turned-off PC It requires only few seconds The same media can be used for all the supported architectures © Hacking Team All Rights Reserved

13 Memory card Infection Local vectors / Mobile
Automatically installs RCS on a smart phone, no matter if turned on or not It requires only few seconds It doesn’t require PIN/PUK codes © Hacking Team All Rights Reserved

14 SMS Infection Remote vectors / Mobile
You send a special crafted SMS to the target It pretends to be some kind of upgrade from the operator Once accepted, the smartphone is infected Depending on smartphone settings, it requires no-to-minimal interaction by the target © Hacking Team All Rights Reserved

15 Two-stage infection Other vectors / Mobile
You need to infect a Desktop PC first When attached to the PC (for synchronization or charging), the smartphone gets automatically infected. © Hacking Team All Rights Reserved

16 Final words Those were only few examples among all the possible ways for target infection You can rely on our consultancy service to identify which is the most suitable way for any scenario © Hacking Team All Rights Reserved

17 Q&A

Download ppt "RCS v7 Infection Vectors"

Similar presentations

Chapter 1:Introduction to the world of computers

Chapter 1:Introduction to the world of computers
Day 4-1-1 anti-virus 3-3-1.anti-virus 1 detecting a malicious file malware, detection, hiding, removing.

Day anti-virus anti-virus 1 detecting a malicious file malware, detection, hiding, removing.
Google Apps for Education. What Is Google Apps For Education? Sites (Webpages) Docs (Office Suite) Gmail (E-mail) Calendar Google Talk (Communications.

Google Apps for Education. What Is Google Apps For Education? Sites (Webpages) Docs (Office Suite) Gmail ( ) Calendar Google Talk (Communications.
Trojan Horse Program Presented by : Lori Agrawal.

Trojan Horse Program Presented by : Lori Agrawal.
Office 2003 Introductory Concepts and Techniques M i c r o s o f t CPTG104 Intro to Information Systems Dr. Hwang Essential Introduction to Computers.

Office 2003 Introductory Concepts and Techniques M i c r o s o f t CPTG104 Intro to Information Systems Dr. Hwang Essential Introduction to Computers.
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
OPERATING SYSTEMS AND SYSTEMS SOFTWARE. SYSTEMS SOFTWARE Systems software consists of the programs that control the operations of the computer and its.

OPERATING SYSTEMS AND SYSTEMS SOFTWARE. SYSTEMS SOFTWARE Systems software consists of the programs that control the operations of the computer and its.
Classification of Viruses. A Government Report from Gibb, McMillan and Wylie.

Classification of Viruses. A Government Report from Gibb, McMillan and Wylie.
Client – Server Architecture A Basic Introduction Kathleen R. Murray, Ph.D. May 2002.

Client – Server Architecture A Basic Introduction Kathleen R. Murray, Ph.D. May 2002.
For more notes and topics visit:

For more notes and topics visit:
Operating Systems Operating System

Operating Systems Operating System
WINDOWS XP PROFESSIONAL Bilal Munir Mughal Chapter-1 1.

WINDOWS XP PROFESSIONAL Bilal Munir Mughal Chapter-1 1.
Cyber Crimes.

Cyber Crimes.
Viruses.

Viruses.
Chapter 7 Microsoft Windows XP. Windows XP Versions XP Home XP Home XP Professional XP Professional XP Professional 64-Bit XP Professional 64-Bit XP Media.

Chapter 7 Microsoft Windows XP. Windows XP Versions XP Home XP Home XP Professional XP Professional XP Professional 64-Bit XP Professional 64-Bit XP Media.
Tutorial 11 Installing, Updating, and Configuring Software

Tutorial 11 Installing, Updating, and Configuring Software
Computers Are Your Future Eleventh Edition Chapter 4: System Software Copyright © 2011 Pearson Education, Inc. Publishing as Prentice Hall1.

Computers Are Your Future Eleventh Edition Chapter 4: System Software Copyright © 2011 Pearson Education, Inc. Publishing as Prentice Hall1.
Introduction to Windows 7. Desktop Maximize, Minimizing, and Restoring.

Introduction to Windows 7. Desktop Maximize, Minimizing, and Restoring.
Living in a Digital World Discovering Computers Fundamentals, 2010 Edition.

Living in a Digital World Discovering Computers Fundamentals, 2010 Edition.
By Jonathan….and Darion……….. Reliability Windows File Protection protects core system files from being overwritten by application installs. Driver certification.

By Jonathan….and Darion……….. Reliability Windows File Protection protects core system files from being overwritten by application installs. Driver certification.

Similar presentations

Ads by Google