Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
General Security Discussions
Backdoors types
Message
<blockquote data-quote="509322" data-source="post: 783266"><p>Common backdoor generally is when a program runs as a server on your system. It listens on an active port.</p><p></p><p>Reverse shell backdoor would be, for example, when using one of the many exploit attack platforms such as Metaslploit, Meterpreter, PowerShell Empire, PowerSploit, etc. Once the stager is run, it connects back to the attacker. It can be configured to listen, to check-in, to send data on schedule, the attacker can connect manually, etc. Lots of flexibility there.</p><p></p><p>Dynamic protection is dynamically going out of business.</p><p></p><p>Contrary to what some developer says, blocking the reverse shell does not block the exploit. The exploit has already happened and the system is fully compromised; too little, too late. So they shouldn't be falsely claiming a protection event when it just ain't true. The attacker can possibly leverage the existing exploit to probe around further and find alternate attack routes. Eventually, they could disable all security. That's how it happens.</p></blockquote><p></p>
[QUOTE="509322, post: 783266"] Common backdoor generally is when a program runs as a server on your system. It listens on an active port. Reverse shell backdoor would be, for example, when using one of the many exploit attack platforms such as Metaslploit, Meterpreter, PowerShell Empire, PowerSploit, etc. Once the stager is run, it connects back to the attacker. It can be configured to listen, to check-in, to send data on schedule, the attacker can connect manually, etc. Lots of flexibility there. Dynamic protection is dynamically going out of business. Contrary to what some developer says, blocking the reverse shell does not block the exploit. The exploit has already happened and the system is fully compromised; too little, too late. So they shouldn't be falsely claiming a protection event when it just ain't true. The attacker can possibly leverage the existing exploit to probe around further and find alternate attack routes. Eventually, they could disable all security. That's how it happens. [/QUOTE]
Insert quotes…
Verification
Post reply
Top