Malware Labs.
ESET NOD32 España – Blog de laboratorio » backdoor. Durante los últimos días se ha venido comentando la noticia de que Samsung estaría utilizando una versión modificada de Android en nueve de sus dispositivos Galaxy para, supuestamente, “espiar” remotamente a sus usuarios. La información desvelada por desarrolladores del Replicant Project (que elaboran su propia versión gratuita de Android) parece demostrar que también se podría estar espiando a los usuarios utilizando hardware de estos dispositivos como el sistema GPS, la cámara y el micrófono. Mientras se encontraban trabajando en Replicant, los desarrolladores encontraron que varios modelos de la familia Galaxy de Samsung disponían de esta puerta trasera, incluyendo terminales tan populares como el Galaxy Note 2, Galaxy S3 o el Nexus S.
Aparentemente, estos dispositivos cuentan con un modem que permite realizar operaciones remotas que incluyen la monitorización e incluso la modificación de los datos del usuario, según un informe de PC World. Josep Albors ¿Es siempre así? A Backdoor in the Next Generation Active Directory. At the beginning of the last year, I already raised the issue of post-exploitation in a Microsoft Active Directory domain. The brought forward approach addressed the variant aimed mostly at the case of the loss of admin privileges rather than their exploitation. Additionally, the action of regaining the privileges itself involved conspicuous events and visually evident manipulations in the directory.
In other words, to regain admin privileges one had to become a member of the appropriate security group, such as Domain Admins. It should be mentioned that administrators get very nervous when suddenly they realize there is someone else in the system. Now imagine how an Active Directory administrator of a large company can react when they see an unfamiliar account name in the Enterprise Admins security group. So how can a pentester remain unnoticed in Microsoft networks? The first thing that comes to my mind is to use an admin account. What are the solutions to these problems? End If. Netcat. Security Tools. Le FBI veut des backdoors partout !
Le FBI veut des backdoors partout ! Ils ont de la suite dans les idées au FBI ! Sous prétexte de pouvoir surveiller plus facilement des criminels / des suspects, ils ont rédigé une proposition de loi qui vise à obliger des géants comme Skype, Microsoft, Yahoo! Ou encore Google et Facebook à intégrer dans leurs systèmes une backdoor (un accès caché) qui leur permettra de pratiquer des écoutes ou de la pêche aux infos beaucoup plus facilement.
Hé oui, on y arrive, et c'est un moyen pour eux d'aller plus vite, au lieu d'attendre que SOPA et d'autres douceurs soient adoptées. Les réseaux sociaux sont les principaux visés, mais on peut très bien imaginer des backdoors pour pratiquer des écoutes sur Skype, accéder à un ordinateur Windows pour y pomper les données qui s'y trouvent ou encore filmer les gens dans leur salon via la caméra de leur Kinect... Source Vous avez aimé cet article ? Hackers backdoor the human brain, successfully extract sensitive data. With a chilling hint of the not-so-distant future, researchers at the Usenix Security conference have demonstrated a zero-day vulnerability in your brain. Using a commercial off-the-shelf brain-computer interface, the researchers have shown that it's possible to hack your brain, forcing you to reveal information that you'd rather keep secret.
As we've covered in the past, a brain-computer interface is a two-part device: There's the hardware -- which is usually a headset (an EEG; an electroencephalograph) with sensors that rest on your scalp -- and software, which processes your brain activity and tries to work out what you're trying to do (turn left, double click, open box, etc.) BCIs are generally used in a medical setting with very expensive equipment, but in the last few years cheaper, commercial offerings have emerged. For $200-300, you can buy an Emotiv (pictured above) or Neurosky BCI, go through a short training process, and begin mind controlling your computer. Small Python Backdoor. Hookworm: A Stealth PHP Backdoor. WeBaCoo Web Backdoor Cookie. A Backdoor in the Next Generation Active Directory.
Write your own SSHD backdoor | The Good, The Bad and the Insecure. This article is not written by me. I found it online, but only in one place so this is effectively a mirror for it. Enjoy /////////////////////////////////////////////////////////////////////////////// /************************************************** ***************************/ /* Tutorial: How to write a backdoor for OpenSSH. */ /* Date: June 29, 2005 */ /* Author: pikah (rvdwesten@gmail.com) */ /* Website: */ /* */ /* DISCLAIMER: */ /* This tutorial is published here for one reason only: To make the problem */ /* understandable for users who are interested in the way a sshd-daemon */ /* can be easily backdoored. Well this is one of the first tutorials I will write. This tutorial is about how to make (and write) your own OpenSSH backdoor.
[What is OpenSSH] First I’m going to tell what OpenSSH does, I’m not getting into details , because most of you guys are probably not even reading this section. [The Backdooring] We are downloading the sourcecode first. How to Find a Backdoor in a Hacked WordPress Site and Fix It. Time and time again, we have helped users fix their hacked WordPress sites. Most of the time when they reach out to us, they have already cleaned up the site, and the hacker was able to get back in. This happens if you did not clean it up properly, or you did not know what you were looking for. In most cases that we found, there was a backdoor created by the hacker which allowed them to bypass normal authentication. In this article, we will show you how to find a backdoor in a hacked WordPress site and fix it. What is a Backdoor? Backdoor is referred to a method of bypassing normal authentication and gaining the ability to remotely access the server while remaining undetected. Some backdoors simply allow users to create hidden admin username.
Where is this Code Hidden? Backdoors on a WordPress install are most commonly stored in the following locations: Themes – Most likely it is not in the current theme that you are using. How to Find and Clean the Backdoor? Search the Uploads Directory. Backdoor discovered on ZTE Score M Android smartphone - Cell Phones &Mobile Device Technology News &Updates. Security - Privacy - Back Ups - Hacking - Downloading. BackDoor-EJG!FDCB06096216 | Virus Profile & Definition | McAfee Inc.