Some Terminologies You Should Know About Trojans
In
 this following post we will discus some most frequently used 
terminologies that we usually hear when word Trojan pops out. They are 
discussed here because after knowing them you'll be able to understand 
how attacker manages to circulate RAT server, hide its presence and also
 bypasses firewall rules.
Over And Covert Channel:
A channel here
 describes means of communication. An overt channel means legal, obvious
 or known where as covert means hidden and concealed. In other words 
overt means legal means of communication whereas covert means illegal 
means of communication. In technical terms overt channel follows rules 
by TCP/IP suite where as covert channel exploit weakness of TCP/IP model
 for illegal communication.
Wrappers:
Wrappers are 
programs that helps binding two files together. They can bind either 
multiple files of same extension or multiple files with multiple 
extension. Wrappers are also known as packers and file binders. They can
 execute process in background or complete stealth mode.
Trojan Construction Kits:
These are the 
things we call today as RAT clients. All RAT clients are nothing but 
Trojan Construction Kits. They help attacker build features in their RAT
 server.
Stub:
Stub is 
unusual and extra embedded code in some program to change its signature.
 Stubs are used for generating a RAT server that changes signature of 
RAT server and it bypasses scanning by Anti-Virus.


 
No comments:
Post a Comment