
malware loaded netbooks


WCNA

Full Member

Posts: 187

Joined: Wed Mar 02, 2011 8:05 am

Location: Florida

Post Thu May 12, 2011 1:08 pm

malware loaded netbooks

I was watching a video by HD Moore and he was saying that one of the greatest successes in pentesting was delivering malware-loaded netbooks to certain individuals in a company under the guise of a thank-you from some software or hardware manufacturer. I think the quote was a 95% success (or failure, depending on how you look at it) rate.

My question is: is there canned software just for this purpose, or is it all custom made, i.e. how would one go about setting one of these up? For instance, I could use the 'generate' function in BT with the '-x' switch to infect a bunch of programs with different payloads, using the '-i' switch to obfuscate the malware. Or just use smartlogger to not set off any (many?) IDS?
Or install a rootkit (would that be overdoing it?)
Or is just the acceptance of a netbook considered good enough?

Anybody have an opinion on real world examples?
ISC2 Associate, WCNA, CWNA, OSCP, Network+

cd1zz

Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Thu May 12, 2011 2:57 pm

Re: malware loaded netbooks

He's just talking about loading up a netbook with some sort of Metasploit payload or, in HD's case, probably a super awesome magical payload that no one knows about. More than likely he just adds it to a startup folder on the box so that it runs every time they boot the netbook up. From there, he just pivots throughout the new network.

How stealthy you need to be depends on how fortified your client is. Usually a reverse connect payload over 80 or 443 will get you what you want. If there is a real need to hide the payload from AV, you might want to look at a new post from scriptjunkie. I helped him get a payload 100% undetectable:

http://www.scriptjunkie.us/2011/04/why- ... ates-exes/

WCNA

Full Member

Posts: 187

Joined: Wed Mar 02, 2011 8:05 am

Location: Florida

Post Fri May 13, 2011 7:21 am

Re: malware loaded netbooks

Thanks for the link. Very interesting reading.
ISC2 Associate, WCNA, CWNA, OSCP, Network+

csesuvra

Newbie

Posts: 3

Joined: Tue May 31, 2011 10:47 pm

Post Tue May 31, 2011 10:56 pm

Re: malware loaded netbooks

Your situation looks like mine. I have also seen the video, and now I need more ideas as well as suggestions about the real world.
Suvra Cse
