DEFCON 22 Lance Buttars Nemus Intro to Backdooring OS

8/11/2019 DEFCON 22 Lance Buttars Nemus Intro to Backdooring OS

1/70
http://www.dc801.org/http://www.introtobackdoors.com/http://www.introtobackdoors.com/http://www.dc801.org/


2/70


3/70


4/70


5/70


6/70


7/70


8/70


9/70


10/70


11/70
http://code.google.com/p/vim-win3264/downloads/detail?name=vim73-x64.zip&can=2&q=http://code.google.com/p/vim-win3264/downloads/detail?name=vim73-x64.zip&can=2&q=http://code.google.com/p/vim-win3264/downloads/detail?name=vim73-x64.zip&can=2&q=http://nebm.ist.utl.pt/~glopes/wget/http://www.kali.org/http://joncraton.org/blog/46/netcat-for-windows/http://joncraton.org/blog/46/netcat-for-windows/http://www.kali.org/http://nebm.ist.utl.pt/~glopes/wget/http://code.google.com/p/vim-win3264/downloads/detail?name=vim73-x64.zip&can=2&q=http://code.google.com/p/vim-win3264/downloads/detail?name=vim73-x64.zip&can=2&q=http://code.google.com/p/vim-win3264/downloads/detail?name=vim73-x64.zip&can=2&q=


12/70


13/70


14/70
http://gallery.technet.microsoft.com/Batch-Script-To-Manage-7d0ef21ehttp://gallery.technet.microsoft.com/Batch-Script-To-Manage-7d0ef21e


15/70
http://www.offensive-security.com/metasploit-unleashed/Persistent_Netcat_Backdoorhttp://www.offensive-security.com/metasploit-unleashed/Persistent_Netcat_Backdoor


16/70


17/70


18/70
http://technet.microsoft.com/en-us/sysinternals/bb897437.aspxhttp://technet.microsoft.com/en-us/sysinternals/bb897437.aspxhttp://technet.microsoft.com/en-us/sysinternals/bb897437.aspxhttp://technet.microsoft.com/en-us/sysinternals/bb897437.aspxhttp://technet.microsoft.com/en-us/sysinternals/bb897437.aspx


19/70


20/70


21/70
http://vbscripts.webs.com/prankshttp://vbscripts.webs.com/pranks


22/70


23/70
http://www.instructables.com/id/how-to-make-a-fork-bomb-exe/http://www.instructables.com/id/how-to-make-a-fork-bomb-exe/


24/70


25/70


26/70


27/70


28/70


29/70


30/70


31/70


32/70
http://sourceforge.net/projects/bat2exe/http://sourceforge.net/projects/htwoo/http://ps2exe.codeplex.com/http://ps2exe.codeplex.com/http://sourceforge.net/projects/htwoo/http://sourceforge.net/projects/bat2exe/


33/70


34/70
http://support.microsoft.com/kb/313565http://support.microsoft.com/kb/313565


35/70
http://technet.microsoft.com/en-us/sysinternals/bb897443.aspxhttp://technet.microsoft.com/en-us/sysinternals/bb897443.aspx


36/70


37/70
http://www.harding.motd.ca/autossh/http://netcat.sourceforge.net/http://www.linuxfromscratch.org/lfs/view/development/chapter05/coreutils.htmlhttp://www.linuxfromscratch.org/lfs/view/development/chapter05/coreutils.htmlhttp://www.linuxfromscratch.org/blfs/view/svn/general/screen.htmlhttp://www.linuxfromscratch.org/blfs/view/svn/general/screen.htmlhttp://www.linuxfromscratch.org/blfs/view/svn/general/screen.htmlhttp://www.linuxfromscratch.org/blfs/view/svn/general/screen.htmlhttp://www.linuxfromscratch.org/lfs/view/development/chapter05/coreutils.htmlhttp://www.linuxfromscratch.org/lfs/view/development/chapter05/coreutils.htmlhttp://netcat.sourceforge.net/http://www.harding.motd.ca/autossh/


38/70


39/70


40/70


41/70


42/70


43/70
http://www.ex-parrot.com/pete/upside-down-ternet.htmlhttp://unix.stackexchange.com/questions/232/unix-linux-prankshttp://unix.stackexchange.com/questions/232/unix-linux-prankshttp://www.ex-parrot.com/pete/upside-down-ternet.html


44/70
http://www.commandlinefu.com/commands/view/177/translate-your-terminal-into-swedish-chefhttp://www.commandlinefu.com/commands/view/177/translate-your-terminal-into-swedish-chefhttp://www.commandlinefu.com/commands/view/177/translate-your-terminal-into-swedish-chefhttp://www.commandlinefu.com/commands/view/177/translate-your-terminal-into-swedish-chefhttp://www.commandlinefu.com/commands/view/177/translate-your-terminal-into-swedish-chefhttp://www.commandlinefu.com/commands/view/177/translate-your-terminal-into-swedish-chef


45/70


46/70


47/70
http://danielbeard.wordpress.com/2011/06/08/detaching-a-running-process-from-a-bash-shell/http://danielbeard.wordpress.com/2011/06/08/detaching-a-running-process-from-a-bash-shell/http://danielbeard.wordpress.com/2011/06/08/detaching-a-running-process-from-a-bash-shell/http://danielbeard.wordpress.com/2011/06/08/detaching-a-running-process-from-a-bash-shell/


48/70
http://www.php.net/manual/en/book.bcompiler.phphttp://www.phpcompiler.org/http://www.ioncube.com/http://hhvm.com/http://stackoverflow.com/questions/1408417/can-you-compile-php-codehttp://stackoverflow.com/questions/1408417/can-you-compile-php-codehttp://stackoverflow.com/questions/1845197/convert-php-file-to-binaryhttp://stackoverflow.com/questions/1845197/convert-php-file-to-binaryhttp://stackoverflow.com/questions/1845197/convert-php-file-to-binaryhttp://stackoverflow.com/questions/1845197/convert-php-file-to-binaryhttp://stackoverflow.com/questions/1408417/can-you-compile-php-codehttp://stackoverflow.com/questions/1408417/can-you-compile-php-codehttp://hhvm.com/http://www.ioncube.com/http://www.phpcompiler.org/http://www.php.net/manual/en/book.bcompiler.php


49/70


50/70


51/70


52/70
http://commons.wikimedia.org/wiki/File:Reverse_ssh_tunnel.jpghttp://commons.wikimedia.org/wiki/File:Reverse_ssh_tunnel.jpg


53/70


54/70


55/70


56/70


57/70


58/70
http://www.chiark.greenend.org.uk/~sgtatham/putty/download.htmlhttp://nemesis2.qx.net/pages/MyEnTunnelhttp://nemesis2.qx.net/pages/MyEnTunnelhttp://www.chiark.greenend.org.uk/~sgtatham/putty/download.html


59/70


60/70


61/70
http://www.offensive-security.com/metasploit-unleashed/Binary_Payloadshttp://www.offensive-security.com/metasploit-unleashed/Binary_Payloads


62/70


63/70


64/70


65/70


66/70


67/70
https://github.com/DC801/Introtobackdoorshttp://www.introtobackdoors.com/http://www.introtobackdoors.com/http://www.introtobackdoors.com/http://www.introtobackdoors.com/https://github.com/DC801/Introtobackdoors


68/70


69/70
http://www.minivps.us/http://swedendedicated.com/vps/http://nqhost.com/unmetered-xen-vps.htmlhttp://nqhost.com/unmetered-xen-vps.htmlhttp://swedendedicated.com/vps/http://www.minivps.us/


70/70
http://www.tunnelsup.com/raspberry-pi-phoning-home-using-a-reverse-remote-ssh-tunnelhttp://www.tunnelsup.com/raspberry-pi-phoning-home-using-a-reverse-remote-ssh-tunnelhttp://resources.infosecinstitute.com/creating-undetectable-custom-ssh-backdoor-python-z/http://resources.infosecinstitute.com/creating-undetectable-custom-ssh-backdoor-python-z/http://resources.infosecinstitute.com/creating-undetectable-custom-ssh-backdoor-python-z/http://resources.infosecinstitute.com/creating-undetectable-custom-ssh-backdoor-python-z/http://www.tunnelsup.com/raspberry-pi-phoning-home-using-a-reverse-remote-ssh-tunnelhttp://www.tunnelsup.com/raspberry-pi-phoning-home-using-a-reverse-remote-ssh-tunnel

DEFCON 22 Lance Buttars Nemus Intro to Backdooring OS

Documents

Transcript of DEFCON 22 Lance Buttars Nemus Intro to Backdooring OS