
BetterBackdoor - A Backdoor With A Multitude Of Features



A backdoor is a tool used to gain remote access to a machine.
Typically, backdoor utilities such as NetCat have 2 main functions: to pipe remote input into cmd or bash and output the response. This is useful, but it is also limited. BetterBackdoor overcomes these limitations by including the ability to inject keystrokes, get screenshots, transfer files, and many other tasks.

Features
BetterBackdoor can create and control a backdoor.
This created backdoor can:
  • Run Command Prompt commands
  • Run PowerShell scripts
  • Run DuckyScripts to inject keystrokes
  • Exfiltrate files based on extension
  • Exfiltrate Microsoft Edge and WiFi passwords
  • Send and receive files to and from the victim's computer
  • Start a KeyLogger
  • Get a screenshot of the victim's computer
  • Get text copied to the victim's clipboard
  • Get contents from a victim's file (cat)

This backdoor uses a client and server socket connection to communicate. The attacker starts a server and the victim connects to this server as a client. Once a connection is established, commands can be sent to the client in order to control the backdoor.
To create the backdoor, BetterBackdoor:
  • Creates 'run.jar', the backdoor jar file, and copies it to directory 'backdoor'.
  • Appends a text file containing the server's IPv4 address to 'run.jar'.
  • If desired, copies a Java Runtime Environment to 'backdoor' and creates batch file 'run.bat' for running the backdoor in the packaged Java Runtime Environment.
To start the backdoor on a victim PC, transfer all files from the directory 'backdoor' onto a victim PC.
If a JRE is packaged with the backdoor, execute run.bat, otherwise execute run.jar.
This will start the backdoor on the victim's PC.
Once running, to control the backdoor you must return to BetterBackdoor and run option 1 at start while connected to the same WiFi network as the victim's computer.
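
For defenders, the packaging step above (a text file with the server's IPv4 address added to 'run.jar') leaves a static indicator that can be checked without executing the file. The following Python is an added example, not code from BetterBackdoor; it assumes the address is stored either as a small archive entry or as raw bytes after the ZIP end record, and the sample jar and its entry names are constructed.

```python
import io
import ipaddress
import struct
import zipfile

MAX_ENTRY_SIZE = 64  # a text entry holding only an address is a few bytes


def _as_ipv4(raw):
    """Return the dotted-quad string if raw is exactly one IPv4 address, else None."""
    try:
        return str(ipaddress.IPv4Address(raw.decode("ascii", "ignore").strip()))
    except ValueError:
        return None


def address_only_entries(jar_bytes):
    """(entry name, address) for archive entries whose whole content is one IPv4 address."""
    hits = []
    with zipfile.ZipFile(io.BytesIO(jar_bytes)) as jar:
        for info in jar.infolist():
            if info.is_dir() or info.file_size > MAX_ENTRY_SIZE:
                continue
            ip = _as_ipv4(jar.read(info))
            if ip:
                hits.append((info.filename, ip))
    return hits


def trailing_address(jar_bytes):
    """IPv4 address stored as raw bytes after the ZIP end-of-central-directory record."""
    eocd = jar_bytes.rfind(b"PK\x05\x06")
    if eocd < 0 or eocd + 22 > len(jar_bytes):
        return None
    (comment_len,) = struct.unpack_from("<H", jar_bytes, eocd + 20)
    return _as_ipv4(jar_bytes[eocd + 22 + comment_len:])


def triage(jar_bytes):
    """Findings for one jar; the last field is True for private (LAN) addresses."""
    found = [("entry:" + name, ip) for name, ip in address_only_entries(jar_bytes)]
    tail = trailing_address(jar_bytes)
    if tail:
        found.append(("trailing-bytes", tail))
    return [(where, ip, ipaddress.IPv4Address(ip).is_private) for where, ip in found]


def build_sample_jar(entries):
    """Constructed test input: an in-memory jar made from {name: bytes}."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as jar:
        for name, data in entries.items():
            jar.writestr(name, data)
    return buf.getvalue()
```

A hit is a lead for further analysis rather than a verdict: a legitimate jar can carry a small file that happens to parse as an address, such as a four-part version string.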

Requirements
  • A Java JDK distribution >=8 must be installed and added to PATH.
  • You must use the same computer to create and control the backdoor.
    • The computer used to create the backdoor must be on the same WiFi network as the victim's computer.
    • The IPv4 address of this computer must remain static in the time between creating the backdoor and controlling it.
  • The computer used to control the backdoor must have its firewall deactivated, and if the computer has a Unix OS, must run BetterBackdoor as 'sudo'.

Compatibility
BetterBackdoor is compatible with Windows, Mac, and Linux, while the backdoor is only compatible with Windows.

Installation
# clone BetterBackdoor
git clone https://github.com/ThatcherDev/BetterBackdoor.git

# change the working directory to BetterBackdoor
cd BetterBackdoor

# build BetterBackdoor with Maven
# for Windows run
mvnw.cmd clean package

# for Linux run
chmod +x mvnw
./mvnw clean package

# for Mac run
sh mvnw clean package

Usage
java -jar betterbackdoor.jar


...
