Crafting and Deploying Malware Using a Remote Access Trojan (RAT)

CompTIA Security+ Domain:
Domain 1: Attacks, Threats, and Vulnerabilities
Domain 2: Technologies and Tools

CompTIA Security+ Objective Mapping:
Objective 1.3 Explain threat attack types and attributes.
Objective 1.4 Explain penetration testing concepts.
Objective 2.2 Given a scenario, use appropriate software tools to assess the security posture of an organization.

CEH Domain:
Domain 1: Background
Domain 4: Tools/Systems/Programs

CEH Objective Mapping:
Objective 1.2 Information Security Threats and Attack Vectors
Objective 4.3 Information Security Tools

Overview

In this lab, you will breach and compromise a host on the network. First, you will use the scanning tool nmap/Zenmap to determine which ports are open on the pfSense firewall from an external address. Then, the lab uses Bruter, a GUI-based network brute-forcing tool for Windows systems, to determine the administrator's password using a dictionary attack. After Bruter determines the password of the administrator account, the attacker can leverage the credentials through an RDP session.
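The attack path above (a dictionary attack against the administrator account, then an RDP logon with the recovered password) leaves a recognisable trace in the Windows Security log: a burst of failed logons (Event ID 4625) from one source followed by a successful RemoteInteractive logon (Event ID 4624, LogonType 10) from the same source. The following detection script is an added example, not part of the lab; the log records it parses are a constructed, simplified sample in a made-up space-separated format, not real Windows event output, and the field layout and thresholds are assumptions.

```python
"""Detect an RDP dictionary attack followed by a successful logon.

Reads simplified Windows Security log records (constructed sample data,
not real logs) and flags a source address that produced many failed
logons (Event ID 4625) in a short window and then a successful
RemoteInteractive logon (Event ID 4624, LogonType 10): the
brute-force-then-RDP pattern this lab demonstrates.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records: timestamp, event id, logon type, account, source.
SAMPLE_LOG = """\
2024-03-01T09:00:01 4625 10 administrator 203.0.113.7
2024-03-01T09:00:02 4625 10 administrator 203.0.113.7
2024-03-01T09:00:02 4625 10 administrator 203.0.113.7
2024-03-01T09:00:03 4625 10 administrator 203.0.113.7
2024-03-01T09:00:04 4625 10 administrator 203.0.113.7
2024-03-01T09:00:06 4624 10 administrator 203.0.113.7
2024-03-01T09:05:00 4625 10 jsmith 198.51.100.4
2024-03-01T09:30:00 4624 10 jsmith 198.51.100.4
"""


def parse(log_text):
    """Turn each line into (time, event_id, logon_type, account, source)."""
    records = []
    for line in log_text.splitlines():
        ts, eid, ltype, account, source = line.split()
        records.append((datetime.fromisoformat(ts), int(eid), int(ltype), account, source))
    return records


def find_rdp_bruteforce(records, threshold=5, window=timedelta(minutes=2)):
    """Return {source: account} for every source that exceeded `threshold`
    RDP logon failures inside `window` and then logged on successfully over RDP."""
    failures = defaultdict(list)   # source -> timestamps of 4625 / LogonType 10 events
    alerts = {}
    for ts, eid, ltype, account, source in sorted(records):
        if ltype != 10:            # only RemoteInteractive (RDP) logons matter here
            continue
        if eid == 4625:
            failures[source].append(ts)
        elif eid == 4624:
            recent = [t for t in failures[source] if ts - t <= window]
            if len(recent) >= threshold:
                alerts[source] = account
    return alerts


if __name__ == "__main__":
    print(find_rdp_bruteforce(parse(SAMPLE_LOG)))  # {'203.0.113.7': 'administrator'}
```

A single failed logon followed by a later success (the jsmith records) stays below the threshold and is not reported, so the rule targets the burst pattern rather than ordinary typos.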

Outcomes:

In this lab, you will learn to:

  1. Use nmap/Zenmap to scan a network.
  2. Deploy malware on a system.
  3. Use Bruter to exploit a system vulnerability.
  4. Use remote desktop to breach a system.

Key terms and descriptions

netstat
A command-line tool on Windows and a terminal tool on Linux that displays network connection information.
RDP
The Remote Desktop Protocol, which allows you to connect to a remote computer through a GUI.
Bruter
A program that allows you to perform a dictionary or brute-force attack against a remote system.
DarkComet
Malware that allows an attacker to command and control a victim's system.
nmap
A port scanner that indicates whether ports are open or closed on a remote system.