Some Terminologies You Should Know About Trojans
In this post we will discuss some of the most frequently used terms that come up whenever Trojans are mentioned. They are covered here because once you know them, you will be able to understand how an attacker manages to circulate a RAT server, hide its presence and bypass firewall rules.
Overt And Covert Channel:
A channel here means a means of communication. An overt channel is legal, obvious or known, whereas a covert channel is hidden and concealed. In other words, overt means a legal means of communication, whereas covert means an illegal means of communication. In technical terms, an overt channel follows the rules of the TCP/IP suite, whereas a covert channel exploits weaknesses of the TCP/IP model for illegal communication.
Wrappers:
Wrappers are programs that help bind two files together. They can bind either multiple files with the same extension or multiple files with different extensions. Wrappers are also known as packers and file binders. They can execute a process in the background or in complete stealth mode.
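A defender's view of the wrappers described above, as an added example that is not part of the original post: assuming a simple binder that stores the bound executables uncompressed in one file, the result carries more than one PE header, and counting them is a quick triage check. The function names, the constructed sample bytes and the 0x1000 bound on `e_lfanew` are assumptions made for this illustration.

```python
import struct

PE_SIG = b"PE\x00\x00"

def make_stub_pe(payload=b""):
    """Constructed sample: a 64-byte DOS header plus PE signature.
    It is header bytes only, not a runnable program."""
    dos = bytearray(64)
    dos[0:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)  # e_lfanew: offset of the PE signature
    return bytes(dos) + PE_SIG + payload

def find_pe_headers(data):
    """Return offsets of every 'MZ' whose e_lfanew points at a PE signature."""
    offsets = []
    pos = data.find(b"MZ")
    while pos != -1:
        if pos + 0x40 <= len(data):
            (e_lfanew,) = struct.unpack_from("<I", data, pos + 0x3C)
            sig = pos + e_lfanew
            # Assumed sanity bound: real headers sit shortly after the DOS stub.
            if 0x40 <= e_lfanew <= 0x1000 and data[sig:sig + 4] == PE_SIG:
                offsets.append(pos)
        pos = data.find(b"MZ", pos + 1)
    return offsets

def looks_bound(data):
    """More than one validated PE header in a single file is a triage signal."""
    return len(find_pe_headers(data)) > 1

if __name__ == "__main__":
    single = make_stub_pe(b"A" * 100)
    bound = single + make_stub_pe(b"B" * 50)   # constructed "bound" sample
    decoy = b"MZ" + b"\x00" * 100              # 'MZ' text with no PE header
    for name, blob in (("single", single), ("bound", bound), ("decoy", decoy)):
        print(name, find_pe_headers(blob), looks_bound(blob))
```

Legitimate installers and self-extracting archives also embed executables, so a hit is a reason to look closer, not a verdict. A wrapper that compresses or encrypts the second file will not show a second header to this check.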
Trojan Construction Kits:
These are what we today call RAT clients. All RAT clients are nothing but Trojan Construction Kits. They help the attacker build features into their RAT server.
Stub:
A stub is unusual, extra code embedded in a program to change its signature. Stubs are used when generating a RAT server: the stub changes the signature of the RAT server so that it bypasses scanning by anti-virus.