Backdoors and Remote Access Tools

Roy

INSA Laboratory

Introduction

• The goal is to control remotely

Outline

• Windows– VNC– NetBus Pro– BO– Sub7

• Linux– STCPSHELL

VNC

• Simple Remote Assess Tool

• Desktop

• http://www.realvnc.com/

Setup VNC Server

Connect to VNC Server

NetBus Pro

• Allow full control

• It isn’t as graphically friendly asVNC

• http://www.packetstormsecurity.org

Setup NetBus Server

Double Click

Back Orifice

• More functions

• Support plug-ins

• http://www.bo2k.com/

Setup BO Server

Setup Client

Connect to Victim

SubSeven

• Sub7 is similar to BO2k and Netbus

• More convenient– Just execute file

• http://www.hackpr.net/~sub7/downloads.html

Setup Sub7 Server

Connect to Victim

SCTPSHELL

• Create a virtual shell on victim’s computer

• Spoof TCP packets

• http://www.pkcrew.org/tools/stcpshell.c

• Server• IP Spoofing• Client

Client

140.123.113.72

Server

140.123.113.93

Summary