Art of Backdooring: Technique and Practice
Ahmad Muammar W. K.
http://google.com/search?q=y3dips
Backdoor
A method of bypassing normal authentication or access security to reach a machine (computer) remotely
Footprinting
Scanning
Enumeration
Gaining Access
Escalating Privilege
Pilfering
Covering Tracks
Creating Backdoor
Denial of Service
Need a Backdoor?
No official authentication
Access to the machine without restrictions (time, architecture, etc.)
Etc.
Types
Installed programs, e.g.: back orifice, sshv4
Modified programs/files, e.g.: OpenSSH backdoor
Application-based (plugins), e.g.: cgi-telnet, php shell
Executed programs (binary), e.g.: bindshell
etc.
Simulation
Password database/file modification
Reverse shell
Reverse Shell
One technique that can be used to bypass a firewall that fully restricts inbound traffic.
Why?
Cannot install programs
User capabilities
Cannot patch/modify applications
No interactive shell is provided
All connections from inside to outside are not filtered
Reverse Shell
[Diagram: Attacker, Firewall, Server]
The attacker opens a connection to the server on port 80 (HTTP)
The attacker finds a hole through which to install a backdoor on the server and closes the connection
[Diagram: Attacker, Firewall, Server]
The attacker opens a connection again to access the target server through the planted backdoor
The attacker cannot reach the backdoor on the designated port because it is blocked by the firewall
[Diagram: Attacker, Firewall, Server]
The attacker opens a connection to the server again on port 80 (HTTP)
The attacker finds a hole through which to install a reverse shell backdoor on the server
[Diagram: Attacker, Firewall, Server]
The attacker opens a connection on their own machine (e.g. using netcat)
The attacker executes the reverse shell backdoor on the target machine
The connection is established ☺
Reverse Shell
The backdoor is not always online!
It can be activated through another backdoor in the web application
Minimizes the host's suspicion
PhpShell, cgi-telnet, remote command execution
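A defender-side check for the condition the slides rely on (all inside-to-outside connections unfiltered), as an added example that is not part of the original slides: it flags outbound connections made by web-server accounts to destinations outside an allowlist. The log format, account names and allowlist are assumptions, and the sample records are constructed.

```python
import ipaddress

# Constructed sample records (not real telemetry): one line per outbound
# connect() attempt, as "time user exe dest_ip dest_port".
SAMPLE_EVENTS = """\
2024-01-01T10:00:01 www-data /usr/sbin/apache2 10.0.0.5 3306
2024-01-01T10:00:07 root /usr/bin/apt 192.0.2.10 443
2024-01-01T10:02:13 www-data /bin/sh 203.0.113.7 4444
2024-01-01T10:02:40 www-data /usr/bin/php 198.51.100.9 80
malformed line
"""

# Assumed account names and the web tier's only legitimate destination.
WEB_ACCOUNTS = {"www-data", "apache", "nginx"}
ALLOWED_EGRESS = [(ipaddress.ip_network("10.0.0.5/32"), 3306)]


def parse_event(line):
    """Return a dict for a well-formed record, or None for anything else."""
    parts = line.split()
    if len(parts) != 5:
        return None
    time, user, exe, dest_ip, dest_port = parts
    try:
        return {"time": time, "user": user, "exe": exe,
                "dest_ip": ipaddress.ip_address(dest_ip),
                "dest_port": int(dest_port)}
    except ValueError:
        return None


def is_allowed(event):
    """True when the destination address and port match an allowlist entry."""
    return any(event["dest_ip"] in net and event["dest_port"] == port
               for net, port in ALLOWED_EGRESS)


def find_unexpected_egress(log_text):
    """Outbound connections made by web accounts outside the allowlist."""
    alerts = []
    for line in log_text.splitlines():
        event = parse_event(line)
        if event and event["user"] in WEB_ACCOUNTS and not is_allowed(event):
            alerts.append(event)
    return alerts
```

The record to port 80 is flagged as well: the check is on who initiates the connection and where it goes, so a familiar destination port does not make web-tier egress expected.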