Chapter 10: Trojans and Other Attacks
Trojans and Backdoors
These aren’t really the same; they just get discussed under the same heading.
Famous Trojans
- Neverquest Trojan (banking)
- ZeuS
- Mirai (IoT)
The Simplest Backdoor of All Time
Create a listener (-l) on the victim:
nc -l -p 5555
Then connect to the victim by IP address on the listening port:
nc <ip_address> 5555
Build Your Own Trojan
- Trojan Horse Construction Kit
- IExpress.exe (a wrapper)
Viruses
- Boot sector
- Shell
- Cluster
- Multipartite
- Macro
- Polymorphic code
- Encryption
- Metamorphic
- Stealth
- Cavity
- Sparse infector
- File extension
Famous Virii
- WannaCry (ransomware)
- Cryptolocker
- Petya
‘Tox’ Offers Free build-your-own Ransomware Malware Toolkit
“Tox, which runs on TOR, requires not much technical skills to use and is designed in such a way that almost anyone can easily deploy ransomware in three simple steps, according to security researchers at McAfee who discovered the kit.”
https://thehackernews.com/2015/05/ransomware-creator.html
Scripts for Script Kiddies
Script Kiddie Virus Kits
There are a lot of these, and some are mentioned in the CEH exam. For instance:
Creating a Virus in Python:
Worms
Worms don’t need no steenkin’ user interaction.
Famous Worms
- Ghost Eye – only ECC even mentions this, and you’ll have a hard time finding it, e.g. https://blankhack.com/ghost-eye-worm/
- Code Red
- Slammer
- Nimda
Tools
netstat -an
netstat -b
Process Explorer and Autoruns
Tripwire
SIGVERIF
VirusTotal
“Sheepdip system”
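One way to put the netstat -an output listed above to work: parse it and flag any listening TCP port that is not on a known baseline, which is how a stray listener like the nc -l -p 5555 example earlier in these notes would show up. This is an added example, not part of the original notes; the sample netstat output and the allowed-port baselines are constructed for illustration.

```python
# Constructed sample of `netstat -an` output in the Windows layout (not from the notes).
SAMPLE_WINDOWS = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:5555           0.0.0.0:0              LISTENING
  TCP    192.168.1.20:49712     93.184.216.34:443      ESTABLISHED
  TCP    [::]:135               [::]:0                 LISTENING
  UDP    0.0.0.0:5353           *:*
"""

# Constructed sample in the Linux net-tools layout (extra Recv-Q/Send-Q columns).
SAMPLE_LINUX = """\
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN
tcp6       0      0 :::5555                 :::*                    LISTEN
"""

LISTEN_STATES = {"LISTEN", "LISTENING"}  # Linux and Windows spellings


def listening_sockets(netstat_text):
    """Return a sorted list of (address, port) for TCP sockets that are listening."""
    found = set()
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or not fields[0].lower().startswith("tcp"):
            continue  # headers, blank lines, UDP rows
        if fields[-1].upper() not in LISTEN_STATES:
            continue  # ESTABLISHED, TIME_WAIT, ...
        # Local address is column 1 on Windows, column 3 on Linux.
        local = fields[3] if fields[1].isdigit() else fields[1]
        addr, _, port = local.rpartition(":")  # rpartition copes with IPv6 colons
        if port.isdigit():
            found.add((addr, int(port)))
    return sorted(found)


def unexpected_listeners(netstat_text, allowed_ports):
    """allowed_ports is the host's baseline (an assumption you maintain per machine)."""
    return [(a, p) for a, p in listening_sockets(netstat_text) if p not in allowed_ports]


if __name__ == "__main__":
    print(unexpected_listeners(SAMPLE_WINDOWS, {135, 445}))
    print(unexpected_listeners(SAMPLE_LINUX, {22, 631}))
```

On a live Windows host, netstat -b (run elevated) then names the executable that owns a flagged port.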
Session Hijacking
See https://schoolforhackers.com/certified-ethical-hacker-v10-session-hijacking/
Evading Anti-Malware
- Break the malware file into multiple pieces. Zip them up together.
- Change the syntax (e.g. EXE to VB)
- Change the file extension
- Alter the malware file in a hex editor
- Encrypt the malware
- Wrap the malware
Wrapping Malware
These tools “wrap” an executable (exe, bat, or whatever) into a self-extracting archive that auto-runs a malware implantation.
EliteWrap:
https://packetstormsecurity.com/files/14593/elitewrap.zip.html
IExpress, built right into Windows:
Painful Computer Pranks
http://www.instructables.com/id/Computer-Shutdown-Prank-Windows/
http://www.zdnet.com/pictures/ten-epic-windows-7-pranks-you-absolutely-must-try/