Be sure to change the FTP variables throughout the code, these variables contain the username, password, & IP address of the FTP server which receives the files.
This code will do the following:
- Copy itself into the %TMP% directory & name itself ursakta.exe
- Add a registry entry to execute itself each time the user logs in
- Verify which browser the user is using (Chrome, Firefox or Brave)
- Search for files within the Chrome, Firefox, or Brave browser directories
- Create a directory on our FTP server then send the files in the browser's directory to the FTP server
Cross Compiling with MingW on Linux
Install command with Apt:
sudo apt-get install mingw-w64
64-bit:
x86_64-w64-mingw32-gcc *input file* -o *output file* -lwininet -lversion
32-bit:
i686-w64-mingw32-gcc *input file* -o *output file* -lwininet -lversion
From the Victim's Perspective:
Registry entry:
File activity:
Author
- Hakin9 is a monthly magazine dedicated to hacking and cybersecurity. In every edition, we try to focus on different approaches to show various techniques - defensive and offensive. This knowledge will help you understand how most popular attacks are performed and how to protect your data from them. Our tutorials, case studies and online courses will prepare you for the upcoming, potential threats in the cyber security world. We collaborate with many individuals and universities and public institutions, but also with companies such as Xento Systems, CATO Networks, EY, CIPHER Intelligence LAB, redBorder, TSG, and others.
- LiveSeptember 5, 2024"40 Steps" Satellite Security - Registration for LIVE WORKSHOP IS NOW ON!
- LiveAugust 21, 2024"40 Steps" Game Hacking - Registration for LIVE WORKSHOP IS NOW ON!
- BlogDecember 13, 2022What are the Common Security Weaknesses of Cloud Based Networks?
- BlogOctober 12, 2022Vulnerability management with Wazuh open source XDR
Subscribe
0 Comments
Newest