Two days before the RSA conference, there was a guy named Joel Eriksson researchers show how to attack the Trojans, particularly the Trojan control terminal)to control the“hacker”. blog.wired.com/27bstroke6/2008/04/researcher-demo.html
Eriksson found one in the Celestial Empire one of the more popular PCshare of vulnerability, you can upload the file to the control terminal of the since the start of the directory.:) ! attachments/200804/21_125731_tmp.jpg
This is his show Pcshare pictures, this one looks like and he said the vulnerability also nothing relationship.
2 0 0 5 years time, I plan to go to Germany 22C3 do a similarly-themed presentation, but later because of visa reasons, did not take place. Entitled Exploiting the Rootkit on http://secway.org/papers.htm. At the time in order to fit the speech, but also to find a few Trojans vulnerabilities, such as the WinEggDrop, http://secway.org/advisory/AD20051202.txt the.
Attack Trojans have at least two ideas:
To 1. The use of the controlled end of the vulnerability, the root someone root through the machine. For example above this Wineggdrop hole
2。 The use of the control terminal of the vulnerability, the root of the intruder's machine. For example, PCshare this hole
There is also a local opportunity, Local Privilege Escalation.
It seems now we have been satisfied with the attackoperating system, to attack the security software, the attacks of the so-called“Black soft”.
Intrusion risks, to put the horses need to be cautious.