Penetration Testing mailing list archives
RE: Creating a Custom Trojan after Social Engineering
From: "Todd Towles" <toddtowles () brookshires com>
Date: Thu, 13 Jan 2005 17:02:00 -0600
http://ntsecurity.nu/papers/acktunneling/ NetCat can be set to call out to a pre-defined IP, I believe. Search for Rx.exe as well - Windows Universal Reverse Shell Trojan
-----Original Message----- From: Eric McCarty [mailto:eric () piteduncan com] Sent: Thursday, January 13, 2005 12:30 PM To: Slider Slider; pen-test () securityfocus com Subject: RE: Creating a Custom Trojan after Social Engineering VNC offers the option to reverse connect using the -connect command line. Here is an example of using SSH and VNC. Not quite a remote access Trojan but very simple. http://faq.gotomyvnc.com/fom-serve/cache/128.html -----Original Message----- From: Slider Slider [mailto:0bscur3 () gmail com] Sent: Wednesday, January 12, 2005 3:34 PM To: pen-test () securityfocus com Subject: Creating a Custom Trojan after Social Engineering In the middle of a pen test and I have sucessfully SE'd some employees to visit a website that I created to download a keylogger. I was able to get a lot of information. I am working on the firewall and there are no open ports or services running, strictly internet access....so the thought.... I want to exchange the executable keylogger for a trojan that will connect to me from the client giving me remote access control. I have sampled a few, but can't find any custom programs where I can tell it what to do and when to uninstall. Has anyone tried this? 0bscur3
Current thread:
- Creating a Custom Trojan after Social Engineering Slider Slider (Jan 13)
- <Possible follow-ups>
- RE: Creating a Custom Trojan after Social Engineering Eric McCarty (Jan 13)
- RE: Creating a Custom Trojan after Social Engineering Todd Towles (Jan 14)
- Re: Creating a Custom Trojan after Social Engineering H Carvey (Jan 14)
- RE: Creating a Custom Trojan after Social Engineering Todd Towles (Jan 17)