Trojans and Backdoors
A Trojan is a program that contains malicious or harmful code inside apparently harmless programming or data in such a way that it can gain control and cause damage, such as ruining the file allocation table on a hard disk. With the help of a Trojan, an attacker gets access to stored passwords in a computer and would be able to read personal documents, delete files, display pictures, and/or show messages on the screen.
The objective of this lab is to help students learn to detect Trojan and backdoor attacks. The objectives of the lab include:
Creating a server and testing a network for attack
Detecting Trojans and backdoors
Troubleshoot the network for performance
Attacking a network using sample Trojans and documenting all vulnerabilities and flaws detected
According to Bank Info Security News (http://www.bankinfosecurity.com), Trojans pose serious risks for any personal and sensitive information stored on compromised Android devices, the FBI warns. But experts say any mobile device is potentially at risk because the real problem is malicious applications, which in an open environment are impossible to control. And anywhere malicious apps are around, so is the potential for financial fraud.
According to cyber security experts, the banking Trojan known as citadel, an advanced variant of zeus, is a keylogger that steals online-banking credentials by capturing keystrokes. Hackers then use stolen login IDs and passwords to access online accounts, take them over, and schedule fraudulent transactions. Hackers created this Trojan that is specifically designed for financial fraud and sold it on the black market.
You are a security administrator of your company, and your job responsibilities include protecting the network from Trojans and backdoors, Trojan attacks, the theft of valuable data from the network, and identity theft.
Trojans and Backdoors Exercises
Ethical Hacking Exercises / Trojans and Backdoors contains the following Exercises:
- Creating a Server Using the ProRat Tool
- Wrapping a Trojan using One File EXE Maker
- Proxy Server Trojan
- HTTP Trojan
- Detecting Trojans
- Creating a Server Using the Theef
- Hack Windows 7 using Metasploit
The Virtual Private Cloud for this Lab set utilizes:
Ethical Hacking Exercises are available as part of the following subscription:
The Exercises in this lab map to the Certified Ethical Hacker V10 Course. Each subscription provides 6 months of access to 107 Different Exercises. Each exercise contains a Scenario, Objectives, and individual step by step tasks to guide the user through all steps necessary to complete the exercise.
Lab exercises are included for:
- Footprinting and Reconnaissance
- Scanning Networks
- Vulnerability Analysis
- System Hacking
- Malware Threats
- Social Engineering
- Denial of Service
- Session Hijacking
- Evading IDS Firewalls and Honeypots
- Hacking Web Servers
- Hacking Web Applications
- SQL Injection
- Hacking Wireless Networks
- Hacking Mobile Platforms
- Cloud Computing