Chapter 10: Trojans and Other Attacks
Trojans and Backdoors
These aren’t really the same; they just get discussed under the same heading.
Famous Trojans
- Neverquest Trojan (banking)
- ZeuS
- Mirai (IoT)
The Simplest Backdoor of All Time
Create a listener (-l) on the victim:
nc -l -p 5555
Then connect to the victim by IP address on the listening port:
nc <ip_address> 5555
Build Your Own Trojan
- Trojan Horse Construction Kit
- IExpress.exe (a wrapper)
Viruses
- Boot sector
- Shell
- Cluster
- Multipartite
- Macro
- Polymorphic code
- Encryption
- Metamorphic
- Stealth
- Cavity
- Sparse infector
- File extension
Famous Virii
- WannaCry (ransomware)
- Cryptolocker
- Petya
‘Tox’ Offers Free build-your-own Ransomware Malware Toolkit
“Tox, which runs on TOR, requires not much technical skills to use and is designed in such a way that almost anyone can easily deploy ransomware in three simple steps, according to security researchers at McAfee who discovered the kit.”
https://thehackernews.com/2015/05/ransomware-creator.html
Scripts for Script Kiddies
Script Kiddie Virus Kits
There are a lot of these, and some are mentioned in the CEH exam. For instance:
Creating a Virus in Python:
Worms
Worms don’t need no steenkin’ user interaction.
Famous Worms
- Ghost Eye – only ECC even mentions this, and you’ll have a hard time finding it, e.g. https://blankhack.com/ghost-eye-worm/
- Code Red
- Slammer
- Nimda
Tools
netstat -an
netstat -b
Process Explorer and Autoruns
Tripwire
SIGVERIF
VirusTotal
“Sheepdip system”
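As an added example (not part of the original notes), the Python below parses Windows-format netstat -an output and flags TCP listeners that are not in an expected baseline, which is how a listener like the port 5555 one above shows up to a defender. The sample output, the baseline set and all function names are constructed for illustration.

```python
import re

# Constructed sample of Windows `netstat -an` output (not captured from a real host).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:5555           0.0.0.0:0              LISTENING
  TCP    192.168.1.20:49712     203.0.113.10:443       ESTABLISHED
  TCP    [::]:135               [::]:0                 LISTENING
  TCP    [::]:5555              [::]:0                 LISTENING
  UDP    0.0.0.0:5353           *:*
"""

# Assumed baseline: TCP ports this host is expected to listen on.
BASELINE_TCP = {135, 445}

# Proto, local endpoint, foreign endpoint, optional state (UDP rows have none).
ROW = re.compile(r"^\s*(TCP|UDP)\s+(\S+)\s+(\S+)(?:\s+(\S+))?\s*$")


def split_endpoint(endpoint):
    """Split 'addr:port' (IPv4 or bracketed IPv6) into (addr, port)."""
    addr, _, port = endpoint.rpartition(":")
    return addr.strip("[]"), int(port)


def listening_sockets(netstat_text):
    """Return (address, port) for every TCP row in the LISTENING state."""
    found = []
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if m and m.group(1) == "TCP" and m.group(4) == "LISTENING":
            found.append(split_endpoint(m.group(2)))
    return found


def unexpected_listeners(netstat_text, baseline):
    """Return sorted [(port, [addresses])] for listeners outside the baseline."""
    by_port = {}
    for addr, port in listening_sockets(netstat_text):
        if port not in baseline:
            by_port.setdefault(port, []).append(addr)
    return sorted(by_port.items())


if __name__ == "__main__":
    for port, addrs in unexpected_listeners(SAMPLE_NETSTAT, BASELINE_TCP):
        print(f"unexpected TCP listener on port {port}: {', '.join(addrs)}")
```

On a real host, feed the function the saved output of netstat -an and follow up on any flagged port with netstat -b to see which executable owns it.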
Session Hijacking
See https://schoolforhackers.com/certified-ethical-hacker-v10-session-hijacking/
Evading Anti-Malware
- Break the malware file into multiple pieces. Zip them up together.
- Change the syntax (e.g. EXE to VB)
- Change the file extension
- Alter the malware file in a hex editor
- Encrypt the malware
- Wrap the malware
Wrapping Malware
These tools “wrap” an executable (exe, bat, or whatever) into a self-extracting archive that auto-runs a malware implantation.
EliteWrap:
https://packetstormsecurity.com/files/14593/elitewrap.zip.html
IExpress, built right into Windows:
Painful Computer Pranks
http://www.instructables.com/id/Computer-Shutdown-Prank-Windows/
http://www.zdnet.com/pictures/ten-epic-windows-7-pranks-you-absolutely-must-try/