
Backdoor Development: Creating a Trojanized System Binary with C 

Drew Alleman
Views: 20K

Repository: github.com/Drew-Alleman/netst...
0:59 - Downloading and setting up netstat source
1:56 - Importing C Socket libraries
2:34 - Defining Constants
3:45 - Creating the backdoor function
10:57 - Testing trojan
12:00 - Making the backdoor run in the background
14:57 - Modifying the netstat output to hide the backdoor
17:33 - Testing the new trojan binary
18:18 - Virustotal report of the Trojan
18:43 - Replacing the original netstat binary
--- Resources
book.hacktricks.xyz/welcome/r...
gtfobins.github.io/
github.com/danielmiessler/Sec...
highon.coffee/blog/reverse-sh...
github.com/BlackArch/webshells

Published: 18 Nov 2023

Comments: 35
@hayreddinbarbarossa3132 7 months ago
Amazing video dear friend. I hope you keep it up.
@urban248 8 months ago
Great content! Keep it up ❤
@drewalleman 8 months ago
Thank you 🙌
@rubbermaiden 4 months ago
Very nice, congrats
@MasterCraft_48 8 months ago
That thumbnail is something of beauty
@twobob 5 months ago
fun project
@puucca 8 months ago
Beautiful
@drewalleman 8 months ago
Thanks
@TsukiCTF 7 months ago
Good one
@adamgkruger 4 months ago
Loved it!
@takashisclh8766 8 months ago
Bro u r goat
@CU.SpaceCowboy 8 months ago
great video. y'all ever try binject? it keeps functionality of binaries (if you want) and launches your own custom exe or shellcode. that way you don't have to make a 1000 custom binaries. fyi it's golang so the exe is gonna be fairly large, but at least it's statically compiled.
@drewalleman 8 months ago
Whattt that's crazy! I will check that out..
@CU.SpaceCowboy 8 months ago
@drewalleman i honestly think the only video on RU-vid about it was literally made by the creator. it'd be a good video. seems down your alley
@drewalleman 8 months ago
@CU.SpaceCowboy I will definitely consider it. I am about to start working on another idea that might implement that tool so will see.
@dadamnmayne 7 months ago
@CU.SpaceCowboy usually, you need to hollow the process so that you'll have a place to run the shellcode.
@Enerzon 8 months ago
I will be your greatest student.❤
@bravefastrabbit770 8 months ago
thank you Dear Sir
@antoineflowers6438 7 months ago
Awesome video!!! Do you play HTB battlegrounds or mayhem? That would be a cool video seeing you use this..
@drewalleman 7 months ago
I have not. I will look into it.
@CN-Aqi 3 months ago
Hi, I hope to get in touch with you.
@dzbro1194 4 months ago
Would a checksum on the netstat binary be enough to determine that it was tampered with?
@drewalleman 3 months ago
Yes, that would detect it.
@root924 5 months ago
what font in vim?
@redcrystal3170 8 months ago
What OS are you using?
@drewalleman 8 months ago
Ubuntu with some gnome extensions
@appocalypse3012 5 months ago
@drewalleman could you please share those chrome extensions, it's really awesome and I would like to try it out
@drewalleman 5 months ago
@appocalypse3012 they are gnome extensions for Ubuntu github.com/Drew-Alleman/neovim
@thereisnotomorrow0 6 months ago
sir how can i test that my windows
@drewalleman 6 months ago
This is for Linux idk if the same netstat source can be compiled on Windows, they might have proprietary code.
@nocturne2172 5 months ago
I thought sysadmins used ss nowadays
@drewalleman 4 months ago
They do, this is a proof of concept, and a lot of the code in this project can be directly copied over.
@twobob 5 months ago
audio too quiet
@greyburns6170 4 months ago
Turn up the volume
@twobob 4 months ago
@greyburns6170 yeah I did. Compression is what is required. That said it was a good project. just too quiet.