TROJANS AND BACKDOORS
By Gaurav Dalvi
3rd Year CSE
Reg no:-2011BCS501
MALWARE FAMILY
• Trojans.
• Viruses.
• Worms.
• Rootkits.

BIRTH OF TROJAN
• From the old Greek story (Greeks vs. Troy).
• The application works the same way as the story and is the most powerful application used for attacking computers.
• A new game, an e-mail or free software from an unknown person can implant a Trojan or a backdoor.
• The first Trojan computer infection is believed to have appeared in 1986 as a shareware program called “PC-Write”.

WHAT IS TROJAN?
• A malicious payload inside a legitimate program.

TYPES OF TROJANS
• Destructive Trojan.
• Denial of Service Trojan.
• Remote Access Trojan.
• Data-sending Trojan.
• Proxy Trojan.
• FTP Trojan.
• Security Software Disabler Trojan.

HOW SYSTEMS GET INFECTED BY TROJAN?
• Visiting untrusted websites.
• Email attachments.
• Pirated software.

TROJAN DETECTION
Manual
• Run key in regedit: Computer\HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run. Entries are put in it to run malicious software.
• May appear as malicious drivers: C:\Windows\System32\Drivers\*.sys

With the help of tools
• Process Explorer.
• IceSword (port monitoring).
• DriverView.
• Srvman.
• Sigverif.
• TrojanHunter.
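
The manual Run key check above can be scripted. This is an added example, not part of the original slides: it parses saved `reg query` output for the Run key and flags entries worth a closer look. The sample entries, the heuristics and every function name are assumptions made for the example.

```python
"""Audit Run-key autostart entries from saved `reg query` output (added example)."""
import ntpath
import re

# Constructed sample shaped like the output of
#   reg query HKLM\Software\Microsoft\Windows\CurrentVersion\Run
# Every value name and path below is invented for illustration.
SAMPLE_REG_QUERY = r"""
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    SecurityHealth    REG_EXPAND_SZ    %windir%\system32\SecurityHealthSystray.exe
    VendorTray    REG_SZ    "C:\Program Files\Vendor\Tray\tray.exe" -minimized
    Updater    REG_SZ    C:\Users\Public\updater.exe /silent
    svch0st    REG_SZ    "C:\Users\alice\AppData\Roaming\svch0st.exe"
    HelperLib    REG_SZ    rundll32.exe C:\ProgramData\helper.dll,Start
"""

# Heuristics chosen for this example (assumptions; tune them per environment).
ENV_DEFAULTS = {"windir": r"C:\Windows", "systemroot": r"C:\Windows",
                "programfiles": r"C:\Program Files", "programdata": r"C:\ProgramData"}
WRITABLE_DIRS = ("\\users\\", "\\programdata\\", "\\temp\\", "\\appdata\\")
SCRIPT_HOSTS = {"rundll32.exe", "regsvr32.exe", "mshta.exe", "wscript.exe",
                "cscript.exe", "powershell.exe", "cmd.exe"}
SYSTEM_NAMES = {"svchost.exe", "lsass.exe", "explorer.exe", "services.exe",
                "csrss.exe", "winlogon.exe"}
LOOKALIKE = str.maketrans("0135", "oles")  # digits often swapped in for letters
EXECUTABLE_EXT = r"\.(?:exe|com|scr|bat|cmd|vbs|js|ps1|dll)"


def parse_run_key(text):
    """Return (value name, type, command) for each value line of reg query output."""
    entries = []
    for line in text.splitlines():
        m = re.match(r"^\s{4}(.+?)\s{4}(REG_\w+)\s{4}(.*)$", line)
        if m:
            entries.append((m.group(1), m.group(2), m.group(3).strip()))
    return entries


def expand(command):
    """Expand %VAR% references using the assumed defaults above."""
    return re.sub(r"%([^%]+)%",
                  lambda m: ENV_DEFAULTS.get(m.group(1).lower(), m.group(0)), command)


def image_path(command):
    """Extract the program path from a command line, quoted or unquoted."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end != -1 else command[1:]
    m = re.match(r"(.+?" + EXECUTABLE_EXT + r")(?=\s|$)", command, re.IGNORECASE)
    return m.group(1) if m else (command.split() or [""])[0]


def assess(command):
    """Return (image path, list of reasons the entry deserves review)."""
    cmd = expand(command)
    image = image_path(cmd)
    base = ntpath.basename(image).lower()
    reasons = []
    if any(d in cmd.lower() for d in WRITABLE_DIRS):
        reasons.append("references a user-writable directory")
    if base in SCRIPT_HOSTS:
        reasons.append("starts through a script/DLL host (%s)" % base)
    if base not in SYSTEM_NAMES and base.translate(LOOKALIKE) in SYSTEM_NAMES:
        reasons.append("file name imitates a system binary")
    elif base in SYSTEM_NAMES and "\\windows\\" not in image.lower():
        reasons.append("system binary name outside the Windows directory")
    return image, reasons


def audit(reg_query_text):
    """Return (value name, image path, reasons) for every flagged Run-key entry."""
    findings = []
    for name, _type, command in parse_run_key(reg_query_text):
        image, reasons = assess(command)
        if reasons:
            findings.append((name, image, reasons))
    return findings


if __name__ == "__main__":
    for name, image, reasons in audit(SAMPLE_REG_QUERY):
        print(f"{name}: {image}")
        for reason in reasons:
            print(f"    - {reason}")
```

A flagged entry is a lead for review, not proof of infection; checking the file's signature (for example with Sigverif, listed above) is the next step.
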
BACKDOOR CONCEPT
• A backdoor allows a malicious attacker to maintain privileged access to a compromised host.
• Unix backdoors are typically installed via a worm, a rootkit or manually after a system has been initially compromised.
• Windows backdoors are typically installed via a virus, worm or Trojan horse.

BACKDOOR INSTALLATION
• Through a Trojan.
• Through ActiveX (embedded in a website).
• Protection offered by Microsoft.

HIDING MECHANISMS
• Cryptography.
• Rootkits.
• Use of different protocols and port numbers.
• Reverse control.
• Backdoor timing.

ROOTKITS
Classical rootkits
1. Usually the attacker replaces the /bin/login file with another version.
2. He can also save the passwords of other users.
3. Sometimes a classical rootkit hides many things.

Kernel rootkits
1. Most powerful rootkit.
2. It replaces the kernel of the OS.
3. It can also turn off monitoring and antivirus.
4. It is very hard to detect.
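
The defender's counterpart to the classical rootkit described above, as an added example that is not part of the original slides: it records SHA-256 fingerprints of /bin/login and the tools such a rootkit tampers with, then reports any difference from that baseline. The paths other than /bin/login, the `root` parameter and all function names are assumptions; because a kernel rootkit can falsify what the running system reports, the comparison is meant to be run from trusted media with the suspect disk mounted under `root`.

```python
"""Baseline integrity check for binaries a classical rootkit replaces (added example)."""
import hashlib
import os
import tempfile

# /bin/login comes from the slides; the other locations are assumed typical
# paths for the tools the deck's notes list (ls, ps, netstat, ifconfig, du, df, find).
WATCHED = ["bin/login", "bin/ls", "bin/ps", "bin/netstat",
           "sbin/ifconfig", "usr/bin/du", "bin/df", "usr/bin/find"]


def fingerprint(path):
    """Return the SHA-256 digest and size of one file."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return {"sha256": digest.hexdigest(), "size": os.path.getsize(path)}


def snapshot(root, watched=WATCHED):
    """Fingerprint every watched file under root (None when a file is absent)."""
    snap = {}
    for rel in watched:
        path = os.path.join(root, rel)
        snap[rel] = fingerprint(path) if os.path.isfile(path) else None
    return snap


def compare(baseline, current):
    """Return (relative path, finding) pairs where current differs from baseline."""
    findings = []
    for rel in sorted(baseline):
        old, new = baseline[rel], current.get(rel)
        if old is None and new is None:
            continue
        if new is None:
            findings.append((rel, "missing"))
        elif old is None:
            findings.append((rel, "new file"))
        elif old["sha256"] != new["sha256"]:
            findings.append((rel, "content changed"))
    return findings


def demo():
    """Build a constructed file tree, tamper with it, and return the findings."""
    with tempfile.TemporaryDirectory() as root:
        for rel in WATCHED:
            path = os.path.join(root, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "wb") as fh:
                fh.write(b"constructed stand-in for " + rel.encode())
        baseline = snapshot(root)  # in practice, stored offline or read-only
        # Simulate the replacement the slide describes, plus a removed tool.
        with open(os.path.join(root, "bin/login"), "wb") as fh:
            fh.write(b"constructed stand-in for a replaced login")
        os.remove(os.path.join(root, "bin/netstat"))
        return compare(baseline, snapshot(root))


if __name__ == "__main__":
    for rel, finding in demo():
        print(f"{rel}: {finding}")
```
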
VIRUSES
WORMS
SPREADING MALWARE
• Fake programs (pop-up/rogue security).
• Internet downloads.
• Internet messenger.
• Email attachments, links.
• Browser and email software bugs.
• May contain a frame which contains malicious code.
• Physical access through keyloggers, spyware.

PROTECTION FROM MALWARE
• New updates.
• Personal firewall.
• Use a non-admin account.
• Use User Access Control.

CASE STUDY
• Back Orifice 2000 (BO2K).
• Oldest and most powerful backdoor, used for training on Windows machines.
• It is open source and is freely available on the SourceForge website.

BACK ORIFICE 2000
• It was written by DilDog, one of the members of the “Cult of the Dead Cow” group.
• It was introduced at the DEF CON conference in 1999.
• It was made for good use, for monitoring activity, but many people make malicious use of it.

ABILITIES OF BO2K
• BO2K is very small but very complete in abilities.
• Its client code is just 100 KB and can be easily implanted on the victim's computer.
• It can use different kinds of hiding techniques.
• In recent versions it has the reverse client connection.
• As it is open source, you can customize it according to your needs.

MAKING A TROJAN USING BO2K
• You can use a binder application to bind the BO2K client code with another program.
• EliteWrap, Saran Wrap and Silk Rope are mostly used to wrap BO2K.

Editor's Notes

  1. It is a seemingly useful program containing malware (rogue software).
  2. Visiting a website can infect the system: click to install NPAV, but it installs spyware, a keylogger, a rootkit, remote control.
  3. PoisonIvy: botnet command and control center. Banker Fox: steals banking data, often through "free" software, MP3 file.
  4. Classical rootkits focus on Linux-based systems. Usually the attacker replaces the /bin/login file with another version. He can also save the passwords of other users. Sometimes a classical rootkit hides many things: network information (netstat, ifconfig), disk usage (du, df), listing of files (ls), finding of files (find), process status (ps), and the PROMISC flag in ifconfig (sniffing program).
     Kernel rootkits: the most powerful rootkit. It replaces the kernel of the OS. It can show network information, file status, disk usage, port number, process status and other things. It can also turn off monitoring and antivirus. It is very hard to detect.
     Reverse control: if there is a private network and the victim's system is running on a specific IP address, it becomes difficult for the attacker to communicate with the victim's system. In this situation the backdoor comes into the picture. The attacker establishes a server with a specific IP address and the backdoor can communicate with it from inside the firewall. E.g. making use of the HTTP protocol, the backdoor can request commands from the attacker and the attacker can send them in HTTP format.
     Backdoor timing: the attacker can make use of the services which are used for updating the system: in Linux the cron command and in Windows the scheduler. He can time the backdoor to run when the system administrator is not in the office.
  5. Rootkit: takes control of a system. Built-in backdoor. Often deployed as a trojan (good s/w + bad s/w = trojan). Very stealthy (silent): obscures (hides) registry, folders, processes. Runs under system privileges. Mod access trojan. Very dangerous.
  6. Self-replicating malware, attached to files, often to other computers. Lives forever (unless a date term exists). Spreads mostly through human intervention.
  7. Worms: self-replicating malware, memory-resident. Spreads by self-replicating. Possibly resource-intensive. Replicates over the network (shares). Often botnets (to create an army of bots). Distributes itself to everyone. E.g. Conficker: denies administrative access, restricts access to security sites. Payload = the actual code which runs on the system after exploitation.