lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed Jun 7 07:50:21 2006 From: joshuaperrymon at gmail.com (Josh L. Perrymon) Subject: Proxy Aware trojans/ payloads I'm working on implementing rootkitting/ trojans/ Browser exploits into my Phishing attacks... I have noticed how easy it is to get users to give up credentials but sometimes this only provides access to OWA for example...( if that is the only resource available ) The network I'm looking at now doesn't have much of an Internet presence so I haven't had any luck with any infrastructure or app holes... I got about 5 accounts us the Phishing attack above- also wrote a script to tail Apache custom logs and trend target users OS, browser, IP, plug-ins, and remote time in hopes of using this to craft a browser attack?.. But if only OWA is available I'm initially limited to info harvesting in hopes of finding something good in email.. (Usually sensitive docs) Which brings me to my question: What are the caveats of using browser exploits or Trojans/Rootkits to obtain a reverse shell? I would want it to come out something like HTTP or HTTPS or ICMP or DNS... depending on the internal architecture... Would one need to worry about the payload being proxy aware? I'm thinking that the proxy should cache credentials and allow the payload outbound since the user had to initiate the request and download the Trojan or visit my site to get exploited... OR would the backdoor or payload need to pass credentials? Shouldn't be a problem.. because I already have them :) Idears? JP www.packetfocus.com -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060607/07312f5f/attachment.html
Powered by blists - more mailing lists