PaulDotCom mailing list archives
Droping a VM during pentesting
From: jim.halfpenny at gmail.com (Jim Halfpenny)
Date: Tue, 10 Mar 2009 14:20:33 +0000
Hi all, I've spent a few cycles thinking about the idea from a previous of installing a virtual machine as a drop-box and I just wanted to dump my ideas and get some feedback. It has some distinct The idea is to install virtualisation software and a virtual machine on a target system for example by gaining physical access or by abusing autorun on a removable medium. Being a VM may shield it from anti-malware scanners so nefarious tools can be loaded an run on the target without detection. One possible stack to use would be Qemu and a damn small Linux derivative. It would be self contained and easy to install and remove and not require any changes to the networking on the host system. Once installed I would envision that the VM would perform reconnaissance against the target network and deliver the data over a covert channel. What do you think? Ideas and suggestions most welcome. Jim -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20090310/4aa3f565/attachment.htm
Current thread:
- Droping a VM during pentesting Jim Halfpenny (Mar 10)
- Droping a VM during pentesting Robin Wood (Mar 10)
- Droping a VM during pentesting Jim Halfpenny (Mar 10)
- Droping a VM during pentesting John Sawyer (Mar 10)
- Droping a VM during pentesting johnemiller at gmail.com (Mar 10)
- Droping a VM during pentesting Jim Halfpenny (Mar 10)
- Droping a VM during pentesting johnemiller at gmail.com (Mar 10)
- Droping a VM during pentesting Robin Wood (Mar 10)