PoisonIvy is a remote administration tool that is widely used by attackers as a backdoor.
There is some news about PoisonIvy:
Usage Demonstration
In this tab, the address and password can be set. Proxy settings can also be configured in this tab.
The next tab, Install, is used to configure how the backdoor starts up, including options such as autostart and the executable name.
Some advanced options, such as process injection, persistence and a keylogger, are also included.
After the build step, a backdoor is generated. We then create the corresponding client and execute the backdoor on another machine.
After a successful infection, a message is shown, and we can get some basic information about the victim.
Then we can retrieve some system information about the victim's machine.
Next, we can create a remote shell to the victim.
We can also get the victim's remote desktop.
 