Ce diaporama a bien été signalé.
Le téléchargement de votre SlideShare est en cours. ×

Hacking with Remote Admin Tools (RAT)

14 jan. 2014
14 j’aime 49 737 vues
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Prochain SlideShare
Step by Step on How to Setup DarkComet
Step by Step on How to Setup DarkComet
Chargement dans…3
×

Consultez-les par la suite

VULNERABILITY ( CYBER SECURITY )
Kashyap Mandaliya
Introduction to Metasploit
GTU
SSRF workshop
Ivan Novikov
Basic malware analysis
securityxploded
Wi-Fi Hotspot Attacks
Greg Foss
Burp suite
SOURABH DESHMUKH
Purple Teaming the Cyber Kill Chain: Practical Exercises for Everyone Sector...
Chris Gates
Bug bounty
n|u - The Open Security Community
1 sur 41 Publicité

Hacking with Remote Admin Tools (RAT)

14 jan. 2014
14 j’aime 49 737 vues

Télécharger pour lire hors ligne

Technologie

This presentation is a fun introduction to the tools used by script kiddies, namely the Remote Admin Tools (or Remote Access Trojans). These GUI based hacking tools include a lot of funny and scary features.

This presentation is a fun introduction to the tools used by script kiddies, namely the Remote Admin Tools (or Remote Access Trojans). These GUI based hacking tools include a lot of funny and scary features.

Technologie
Publicité

Suggestions

Step by Step on How to Setup DarkComet
Pich Pra Tna
10.4k vues
19 diapositives
Ultimate Guide to Setup DarkComet with NoIP
Pich Pra Tna
41.6k vues
19 diapositives
Cyber security
abithajayavel
335 vues
15 diapositives
Cybersecurity Attack Vectors: How to Protect Your Organization
TriCorps Technologies
3.3k vues
20 diapositives
Man in The Middle Attack
Deepak Upadhyay
11.8k vues
24 diapositives
Zap vs burp
Tomasz Fajks
11.6k vues
12 diapositives
Firewall
Muhammad Sohaib Afzaal
4.2k vues
21 diapositives
Adversary Emulation using CALDERA
Erik Van Buggenhout
1.1k vues
45 diapositives
Publicité

Plus De Contenu Connexe

Diaporamas pour vous (20)

VULNERABILITY ( CYBER SECURITY )
Kashyap Mandaliya
6.2k vues
Introduction to Metasploit
GTU
124 vues
SSRF workshop
Ivan Novikov
7.1k vues
Basic malware analysis
securityxploded
3.6k vues
Wi-Fi Hotspot Attacks
Greg Foss
10.3k vues
Burp suite
SOURABH DESHMUKH
4.1k vues
Purple Teaming the Cyber Kill Chain: Practical Exercises for Everyone Sector...
Chris Gates
5.5k vues
Bug bounty
n|u - The Open Security Community
4.4k vues
How MITRE ATT&CK helps security operations
Sergey Soldatov
4.5k vues
Cyber Security Presentation
HaniyaMaha
2.1k vues
2021/0/15 - Solarwinds supply chain attack: why we should take it sereously
Sirris
336 vues
Bug Bounty - Hackers Job
Arbin Godar
1.3k vues
It security and awareness training 5 10-2018
jubke
236 vues
Module 2 (footprinting)
Wail Hassan
436 vues
Password Attack
Sina Manavi
12.5k vues
Ethical hacking
Prabhat kumar Suman
541 vues
Torjan horse virus
sumitra22
1.5k vues
14 tips to increase cybersecurity awareness
Michel Bitter
390 vues
Deep dive into ssrf
n|u - The Open Security Community
654 vues
Web Uygulama Güvenliği 101
Mehmet Ince
3k vues
VULNERABILITY ( CYBER SECURITY )
Kashyap Mandaliya
6.2k vues
26 diapositives
Introduction to Metasploit
GTU
124 vues
16 diapositives
SSRF workshop
Ivan Novikov
7.1k vues
24 diapositives
Basic malware analysis
securityxploded
3.6k vues
33 diapositives
Wi-Fi Hotspot Attacks
Greg Foss
10.3k vues
73 diapositives
Burp suite
SOURABH DESHMUKH
4.1k vues
12 diapositives

Similaire à Hacking with Remote Admin Tools (RAT) (20)

Porting your favourite cmdline tool to Android
Vlatko Kosturjak
1.3k vues
DEF CON 27 - DANIEL ROMERO and MARIO RIVAS - why you should fear your mundane...
Felipe Prado
69 vues
How to be come a hacker slide for 2600 laos
Outhai SAIOUDOM
213 vues
Pentesting Android Applications
Cláudio André
8.2k vues
ShinoBOT Suite
Shota Shinogi
27.1k vues
Smart Cards & Devices Forum 2012 - Smart Phones Security
OKsystem
628 vues
Night of the living vulnerabilities: forever-days of IoT - Stefano Zanero, Ro...
Codemotion
52 vues
Night of the living vulnerabilities: forever-days of IoT - Stefano Zanero, Ro...
Codemotion
54 vues
How Printers Get Hacked ?
HusseinMuhaisen
357 vues
The Hacking Games - Operation System Vulnerabilities Meetup 29112022
lior mazor
18 vues
Metasploit3 - David Calligaris
Daniele Albrizio
839 vues
Antivirus Evasion Techniques and Countermeasures
securityxploded
12.9k vues
Anti-Virus Evasion Techniques and Countermeasures
n|u - The Open Security Community
902 vues
Rootkit Hunting & Compromise Detection
amiable_indian
1.3k vues
Rooted con 2020 - from the heaven to hell in the CI - CD
Daniel Garcia (a.k.a cr0hn)
144 vues
Blue team reboot - HackFest
Haydn Johnson
586 vues
CODE BLUE 2014 : how to avoid the Detection by Malware by HIROSHI SNINOTSUKA
CODE BLUE
1.1k vues
TSC Summit #3 - Reverse engineering and anti debugging techniques
Mikal Villa
418 vues
From printed circuit boards to exploits
virtualabs
65 vues
LET'S GO FLUTTER – Introduzione a Dart
Federico Parezzan
114 vues
Porting your favourite cmdline tool to Android
Vlatko Kosturjak
1.3k vues
43 diapositives
DEF CON 27 - DANIEL ROMERO and MARIO RIVAS - why you should fear your mundane...
Felipe Prado
69 vues
67 diapositives
How to be come a hacker slide for 2600 laos
Outhai SAIOUDOM
213 vues
58 diapositives
Pentesting Android Applications
Cláudio André
8.2k vues
36 diapositives
ShinoBOT Suite
Shota Shinogi
27.1k vues
24 diapositives
Smart Cards & Devices Forum 2012 - Smart Phones Security
OKsystem
628 vues
92 diapositives
Publicité

Plus par Zoltan Balazs (20)

MLSEC 2020
Zoltan Balazs
10 vues
Web3 + scams = It's a match
Zoltan Balazs
13 vues
MIPS-X
Zoltan Balazs
108 vues
How to hide your browser 0-day @ Disobey
Zoltan Balazs
459 vues
Explain Ethereum smart contract hacking like i am a five
Zoltan Balazs
281 vues
How to hide your browser 0-days
Zoltan Balazs
2.3k vues
Test & Tea : ITSEC testing, manual vs automated
Zoltan Balazs
444 vues
Hacking Windows 95 #33c3
Zoltan Balazs
599 vues
Ransomware - what is it, how to protect against it
Zoltan Balazs
2.2k vues
Hacktivity 2016: The real risks of the IoT security-nightmare: Hacking IP cam...
Zoltan Balazs
3.8k vues
IoT security is a nightmare. But what is the real risk?
Zoltan Balazs
7.3k vues
Sandboxes
Zoltan Balazs
1.2k vues
Sandbox detection: leak, abuse, test - Hacktivity 2015
Zoltan Balazs
3.7k vues
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...
Zoltan Balazs
10.1k vues
[ENG] Hacktivity 2013 - Alice in eXploitland
Zoltan Balazs
1.4k vues
[ENG] OHM2013 - The Quest for the Client-Side Elixir Against Zombie Browsers -
Zoltan Balazs
5.1k vues
[HUN] Védtelen böngészők - Ethical Hacking
Zoltan Balazs
1k vues
[ENG] Hacker halted 2012 - Zombie browsers, spiced with rootkit extensions
Zoltan Balazs
787 vues
[ENG] Zombie browsers spiced with rootkit extensions - Hacktivity 2012
Zoltan Balazs
1.3k vues
[HUN] Zombi tűzróka, avagy mire képes egy rosszindulatú böngősző kiegészitő
Zoltan Balazs
773 vues
MLSEC 2020
Zoltan Balazs
10 vues
24 diapositives
Web3 + scams = It's a match
Zoltan Balazs
13 vues
133 diapositives
MIPS-X
Zoltan Balazs
108 vues
31 diapositives
How to hide your browser 0-day @ Disobey
Zoltan Balazs
459 vues
49 diapositives
Explain Ethereum smart contract hacking like i am a five
Zoltan Balazs
281 vues
46 diapositives
How to hide your browser 0-days
Zoltan Balazs
2.3k vues
49 diapositives

Plus récents (20)

"Flagging your features — a DevOps approach to continuous release", Alex Thissen
Fwdays
0 vues
RFID in libraries
AlineEphrem
0 vues
SLT.pptx
TharinduNirushan
0 vues
Adiwijaya for SNTIKI UIN SUSKA 26 Oktober 2022 .pdf
ELSAHARMANIOLASISTEM
0 vues
Introduction to HCI.ppt
africauniversity1
0 vues
5G The Quick Guide I need.pdf
Abari Rasheed O (ITIL)
0 vues
Air purifier carrier india.pdf
Carrier Air Conditioner India
0 vues
Google Sites and Digital Portfolios.pptx
Aj Kritsada Sriphaew
1 vue
How To Automate a Cloud Compliance Platform_.pdf
TransformHub1
0 vues
БИМПРО - создание информационных моделей BIM
ElleCarinel
0 vues
MCube_slides_20min.pptx
ManishSharma846413
0 vues
Logo and Business Card Feedback
TillyBrown1
0 vues
Aprende a diseñar tableros de control (dashboard) de Alto impacto
nnakasone
0 vues
Azure Synapse LInk
nnakasone
33 vues
개발자의 네트워킹
Wonjun Hwang
6 vues
Towards Responsible AI - Global AI Student Conference 2022.pptx
Luis775803
4 vues
Oracle Integration Cloud – Pragmatic approach to integrations
Jade Global
3 vues
Salesforce Marketing Cloud PDF.pdf
Ashapura Softech INC
3 vues
Enterprise Cyber Security Fundamentals_Certificate of Achievement.pdf
SorinArseneOnu
0 vues
A.L.P - B12.pdf
DIANAMELISATAIROCOND1
0 vues
"Flagging your features — a DevOps approach to continuous release", Alex Thissen
Fwdays
0 vues
38 diapositives
RFID in libraries
AlineEphrem
0 vues
12 diapositives
SLT.pptx
TharinduNirushan
0 vues
20 diapositives
Adiwijaya for SNTIKI UIN SUSKA 26 Oktober 2022 .pdf
ELSAHARMANIOLASISTEM
0 vues
17 diapositives
Introduction to HCI.ppt
africauniversity1
0 vues
40 diapositives
5G The Quick Guide I need.pdf
Abari Rasheed O (ITIL)
0 vues
16 diapositives
Publicité

Hacking with Remote Admin Tools (RAT)

  1. 1. Hacking with Remote Admin Tools (RATs) Zoltan Balazs CTO @MRG Effitas Budapest IT Security Meetup January 2014
  2. 2. Remote admin tools Could be legitimate Usually it is not All the features for remote administration Upload/download files Registry editor Shell commands Remote desktop Using RAT might be illegal, and might be considered as a crime! Don’t try this at home!
  3. 3. Why are these skiddie toolz important? Only pentesters use meterpreter Script kiddies use RATs Not just "1337 |-|4x0r5” use RATs! Know your enemy! Malware incident response Forensic investigation
  4. 4. Typical RAT scenario
  5. 5. 1998
  6. 6. DEF CON 6 on August 1, 1998
  7. 7. Dictionary to skiddie language Skiddie world server client FUD cryptor private/elite/gold version Average world client malware on victim server code @skiddie Fully UnDetectable some lame packer full version (not demo)
  8. 8. Tutorialz for script bunniez How to fail at OPSEC? https://www.youtube.com/results? search_query=setup+rat+tutorial http://www.youtube.com/watch?v =NkkqPLVscC4
  9. 9. #opsecfail
  10. 10. #opsecfail
  11. 11. #opsecfail
  12. 12. #opsecfail
  13. 13. #opsecfail
  14. 14. The skiddie’s youtube list on Cyber Threat Task Force (google cache only)
  15. 15. But a script kitty’s life is not just about work But FUN as well!
  16. 16. Fun manager - Fun menu
  17. 17. Extra fun
  18. 18. Fun feature 3
  19. 19. Fun feature 4 – Matrix chat
  20. 20. Fun feature 5
  21. 21. Ultimate fun …
  22. 22. Ultimate fun feature 6 - Piano
  23. 23. Hacking Internet Explorer
  24. 24. Scary features
  25. 25. Scary feature 1 DLL inject into iexplore.exe Proxy aware Transparent proxy authentication Local software firewall bypass No new process running
  26. 26. Scary feature 2 – Melt/uninstall Melt server deletes the dropper No wipe Forensics restoration possible Uninstall server deletes the persistence file No wipe Forensics restoration possible
  27. 27. Scary feature - Alternate data stream
  28. 28. Scary feature 3 - Anti AV
  29. 29. Scary feature 4 – Anti VM, Anti sandbox
  30. 30. Private/elite version Downloading and running binaries from people like this is a bad idea! hxxp://www.theatregelap.com/2012/06/xtreme rat-v-36-private.html
  31. 31. JRAT Multiplatform Evade some software firewalls (java.exe allowed) Easier to obfuscate Screenshots ©Symantec
  32. 32. AndroRAT © VRT Snort blog
  33. 33. Cryptor
  34. 34. High profile attacks
  35. 35. High profile attacks

×