
Malware in penetration testing 3


DESCRIPTION

Here is the info about different kinds of malware and how they work


isoeh.com https://www.isoeh.com/tutorialdetails/MTg5/malware-in-penetration-testing-3


MALWARE IN PENETRATION TESTING 3 (#ISOEH) © ISOEH 2014

For more tutorials visit https://www.isoeh.com/tutorial.php

Continuing from where we left off.

->TROJAN HORSE (Backdoor)

Using social engineering techniques, users are typically tricked into executing the malicious program on their systems.

After it is activated, it can carry out any kind of attack on the host, such as damaging partitions, deleting files, stealing data, or activating and spreading other malware over the network.

Trojans are also known to create back doors to give malicious users remote access to the system.

->ROOTKIT

A rootkit is one of the most complex types of malware to develop and to identify.

Rootkits are malicious software designed to operate hidden from the operating system's perspective; to do that, they are programmed to work as close as possible to the heart of the operating system (called kernel space).

The rootkit may be able to subvert the software that is intended to find it.

Detection methods include using an alternative and trusted operating system, behavioral-based methods, signature scanning, difference scanning, and memory dump analysis.
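Difference scanning, as listed above, compares two independent views of the same system state and flags what only one of them shows. The following is an added example, not code from the original tutorial: it compares Linux process IDs obtained by enumerating a /proc-style directory against those found by opening each PID path directly. The function names, the `lister` parameter and the sample tree are assumptions made for illustration, and the sample data is constructed.

```python
import os
import tempfile

def listed_pids(proc_root, lister=os.listdir):
    """View 1: PIDs from directory enumeration, the view ps and top depend on."""
    return {int(n) for n in lister(proc_root) if n.isdigit()}

def is_group_leader(proc_root, pid):
    """True if <proc_root>/<pid>/status says Tgid == pid (a process, not a thread)."""
    try:
        with open(os.path.join(proc_root, str(pid), "status")) as fh:
            for line in fh:
                if line.startswith("Tgid:"):
                    return int(line.split()[1]) == pid
    except (OSError, ValueError, IndexError):
        pass  # no such PID, process exited mid-read, or status unreadable
    return False

def probed_pids(proc_root, max_pid):
    """View 2: open each PID path by name, bypassing enumeration.
    Thread IDs also resolve by name but are never listed, so keep leaders only."""
    return {p for p in range(1, max_pid + 1) if is_group_leader(proc_root, p)}

def difference_scan(proc_root, max_pid, lister=os.listdir, passes=2):
    """PIDs that direct lookup finds but enumeration omits, in every pass.
    Listing before and after each probe filters out processes that merely
    started or exited while the scan was running."""
    suspects = None
    for _ in range(passes):
        before = listed_pids(proc_root, lister)
        probed = probed_pids(proc_root, max_pid)
        after = listed_pids(proc_root, lister)
        hidden = probed - before - after
        suspects = hidden if suspects is None else suspects & hidden
    return sorted(suspects)

def constructed_proc(entries):
    """Build a constructed /proc-like tree from {pid: tgid} for offline runs."""
    root = tempfile.mkdtemp(prefix="fakeproc-")
    for pid, tgid in entries.items():
        os.mkdir(os.path.join(root, str(pid)))
        with open(os.path.join(root, str(pid), "status"), "w") as fh:
            fh.write(f"Name:\tsample\nTgid:\t{tgid}\nPid:\t{pid}\n")
    return root

if __name__ == "__main__":
    root = constructed_proc({1: 1, 42: 42, 1337: 1337, 1338: 1337})
    tampered = lambda d: [n for n in os.listdir(d) if n not in ("1337", "1338")]
    print(difference_scan(root, 2000, lister=tampered))  # constructed sample data
```

On a live Linux host the same function can be pointed at `/proc` with the limit read from `/proc/sys/kernel/pid_max`. A rootkit in the kernel can falsify both views, which is why the list above also includes a trusted alternative operating system and memory dump analysis.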

Removal can be complicated or practically impossible, especially in cases where the rootkit resides in the kernel.

Reinstallation of the operating system and hardware replacement may be the only available solution to the problem.

->KEYLOGGERS

These are tools whose purpose is to record everything typed by users.

The user types on the keyboard while the tool intercepts valuable information such as passwords and credit card numbers. They can be either hardware or software, but of course only the second is in the category of malware.

To accomplish their task, keyloggers use some techniques typical of rootkits, such as changing keyboard drivers or changing the specifications of the OS libraries and the most advanced.