When a Hacker has exploited a machine and has remote command line access, What Do They Usually Try To Do Next? PLEASE READ THIS FIRST!!

gay-pianist

New member

So I have been studying malware etc. I know a decent amount about computers and programming. Lately I have been looking at sites from malwaredomains that have remote Java exploits so that when you visit the site it spawns back a listening command shell which is connected to by the attacker somewhere.

You can even see it running cmd.exe and connecting back to the attacker; i.e. some random IP. Of course unsuspecting people visiting that page would have NO IDEA what was happening to them. Of course I do this in the safety of an ISOLATED MACHINE ON VIRTUAL BOX. I have a malware study set up in my box to test what the criminals on the net are up to next.

To the point however, what good does remote command line access really do? I know hackers try to use the access they have attained to get MORE ACCESS, so one thing they could do for instance is use the type command to read text files on your computer, but as long as you haven't stored any passwords in text files what could they really do?

Sure they could try to be malicious and rename files but they couldn't really steal any of your files, could they? If they tried to use the built-in ftp in Microsoft THAT WOULDN'T WORK since ftp.exe is its OWN program so they would have to connect to that but they only had their one shot and only have as much access as cmd.exe ITSELF gives them, not ftp.exe.

I thought about how they might try to use net commands like net share, net use, etc. etc. but those would only work in rare cases and only work on the local area network.

I'm sure the brilliant hackers out there have found out all kinds of nasty tricks in their little bag but I was curious if anyone knows anything more about this? Security experts etc?
 