The articulation of the OP suggests they aren't taking the subject seriously. Now I'll address your other concern in a more elaborate manner. But my point in mentioning Selenium was specifically to introduce them to headless programs. If you don't know why, I suggest looking them up. most certainly can be used in headless malware attacks. Not sure how you missed that one.ĥ) Selenium and PhantomJS, etc. That's how they pictures end up spread on the internet.ģ) Running malware on an authorized machine is not a felony and I never said it was.Ĥ) I explicitly said that you won't find all the resources on the clearnet. That's how a lot of people get jobs they have no business having.Ģ) A number of people on this sub are under 18 just looking for ways to hack the high school slut's puter. I'll highlight those reasons below.ġ) A number of people on this sub are under 18 just looking for ways to change their grades on school computers. The RAT can do as much as you want (or it has been programmed to do/understand the commands) like edit the Windows registry, create users, open browsers, install programs, read keyboard presses, listen on the mic, access files, etcįace it, other people upvoted for a reason. In a reverse connection, you just "reverse" everything:The attacker becomes a Host and the victim becomes a Client.Since the attacker can control his own computer, he can open a port and make the victim connect.Įdit: About the screen sharing, the RAT just receives the "capture screen" command, captures the screen and sends the video (screen pixels) back to the attacker through the connection. There's a solution: Reverse connections (reverse shells for example) It's easily detected by AVs (it's an incomming connection that hasn't been requested first).It will trigger a firewall message (at least on Windows).The RAT will need admin privileges to open the port it will listen on.That gives us some problems on the victim's side: The attacker connects to that port and starts sending commands.The RAT opens a port on the victim's computer.Now, when you open the socket/connection the other side needs to accept and open one too or nothing is gonna happen.RATs do that, they open the connection on the remote machine so both sides are connected and it just waits for incoming commands.Ībout the Cient-Server schema, in a normal situation we have the victim (Host) and the attacker (client).It would work like this: Sockets can be opened/used in numerous programming languages (like Python, C#, C++, VB, Java, etc) and script languages (like Powershell or Bash). That program/script creates a socket (a connection) between your machine and another machine allowing them both to send and receive data. It's a program or script that opens a TCP or HTTP connection and creates a Client Server schema. ![]() Play nice, support each other and encourage learning. We are not tech support, these posts should be kept on /r/techsupportĭon't be a dick. Low-effort content will be removed at moderator discretion from security firms/pen testing companies is allowed within the confines of site-wide rules on self promotion found here, but will otherwise be considered spam. ![]() Spam is strictly forbidden and will result in a ban. Sharing of personal data is forbidden - no doxxing or IP dumping No "I got hacked" posts unless it's an interesting post-mortem of a unique attack. "How does HSTS prevent SSL stripping?" is a good question. Intermediate questions are welcomed - e.g.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |