RE: Creating a Custom Trojan after Social Engineering
From: Eric McCarty (eric_at_piteduncan.com)
Date: 01/13/05
- Previous message: Todd Towles: "RE: Sample Risk Assessment Report"
- Maybe in reply to: Slider Slider: "Creating a Custom Trojan after Social Engineering"
- Next in thread: Todd Towles: "RE: Creating a Custom Trojan after Social Engineering"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 13 Jan 2005 10:29:45 -0800 To: "Slider Slider" <0bscur3@gmail.com>, <pen-test@securityfocus.com>
VNC offers the option to reverse connect using the -connect command
line.
Here is an example of using SSH and VNC. Not quite a remote access
Trojan but very simple.
http://faq.gotomyvnc.com/fom-serve/cache/128.html
-----Original Message-----
From: Slider Slider [mailto:0bscur3@gmail.com]
Sent: Wednesday, January 12, 2005 3:34 PM
To: pen-test@securityfocus.com
Subject: Creating a Custom Trojan after Social Engineering
In the middle of a pen test and I have sucessfully SE'd some employees
to visit a website that I created to download a keylogger. I was able to
get a lot of information. I am working on the firewall and there are no
open ports or services running, strictly internet access....so the
thought....
I want to exchange the executable keylogger for a trojan that will
connect to me from the client giving me remote access control. I have
sampled a few, but can't find any custom programs where I can tell it
what to do and when to uninstall.
Has anyone tried this?
0bscur3
- Previous message: Todd Towles: "RE: Sample Risk Assessment Report"
- Maybe in reply to: Slider Slider: "Creating a Custom Trojan after Social Engineering"
- Next in thread: Todd Towles: "RE: Creating a Custom Trojan after Social Engineering"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
