Submit Search
Upload
Backdoor Entry to a Windows Computer
•
0 likes
•
3 views
IRJET Journal
Follow
https://www.irjet.net/archives/V10/i3/IRJET-V10I3195.pdf
Read less
Read more
Engineering
Report
Share
Report
Share
1 of 6
Download now
Download to read offline
Recommended
Firewalls
Firewalls
Deevena Dayaal
OWASP Top 10 Web Attacks (2017) with Prevention Methods
OWASP Top 10 Web Attacks (2017) with Prevention Methods
IRJET Journal
Introduction to penetration testing
Introduction to penetration testing
Nezar Alazzabi
Security Holes and Vulnerabilities in Corporate Network_Pre Null Meet Kolkata
Security Holes and Vulnerabilities in Corporate Network_Pre Null Meet Kolkata
amiyadutta
Kunal - Introduction to BackTrack - ClubHack2008
Kunal - Introduction to BackTrack - ClubHack2008
ClubHack
Kunal - Introduction to backtrack - ClubHack2008
Kunal - Introduction to backtrack - ClubHack2008
ClubHack
Workshop on BackTrack live CD
Workshop on BackTrack live CD
amiable_indian
Network security
Network security
Sidiq Dwi Laksana
Recommended
Firewalls
Firewalls
Deevena Dayaal
OWASP Top 10 Web Attacks (2017) with Prevention Methods
OWASP Top 10 Web Attacks (2017) with Prevention Methods
IRJET Journal
Introduction to penetration testing
Introduction to penetration testing
Nezar Alazzabi
Security Holes and Vulnerabilities in Corporate Network_Pre Null Meet Kolkata
Security Holes and Vulnerabilities in Corporate Network_Pre Null Meet Kolkata
amiyadutta
Kunal - Introduction to BackTrack - ClubHack2008
Kunal - Introduction to BackTrack - ClubHack2008
ClubHack
Kunal - Introduction to backtrack - ClubHack2008
Kunal - Introduction to backtrack - ClubHack2008
ClubHack
Workshop on BackTrack live CD
Workshop on BackTrack live CD
amiable_indian
Network security
Network security
Sidiq Dwi Laksana
Remotely Scanning Organization’s Internal Network
Remotely Scanning Organization’s Internal Network
ijtsrd
Ii2514901494
Ii2514901494
IJERA Editor
IRJET- Sandbox Technology
IRJET- Sandbox Technology
IRJET Journal
VTU network security(10 ec832) unit 6 notes
VTU network security(10 ec832) unit 6 notes
Jayanth Dwijesh H P
Security Threats and Vulnerabilities-2.pptx
Security Threats and Vulnerabilities-2.pptx
AmardeepKumar621436
43 automatic
43 automatic
aissmsblogs
01_Metasploit - The Elixir of Network Security
01_Metasploit - The Elixir of Network Security
Harish Chaudhary
Cryptography and system security
Cryptography and system security
Gary Mendonca
Day4
Day4
Jai4uk
Final project.ppt
Final project.ppt
shreyng
Module 7 (sniffers)
Module 7 (sniffers)
Wail Hassan
Exploits Attack on Windows Vulnerabilities
Exploits Attack on Windows Vulnerabilities
Amit Kumbhar
Presentation Prepared By: Mohamad Almajali
Presentation Prepared By: Mohamad Almajali
webhostingguy
Malware Freak Show
Malware Freak Show
n|u - The Open Security Community
Malware freak show
Malware freak show
sr1nu
Protecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropper
Shakas Technologies
Protecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropper
Shakas Technologies
Network security
Network security
Fekadu Abera
Network and web security
Network and web security
Nitesh Saitwal
Transforming Smart Building Cybersecurity Strategy for the Age of IoT
Transforming Smart Building Cybersecurity Strategy for the Age of IoT
Forescout Technologies Inc
TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
IRJET Journal
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
IRJET Journal
More Related Content
Similar to Backdoor Entry to a Windows Computer
Remotely Scanning Organization’s Internal Network
Remotely Scanning Organization’s Internal Network
ijtsrd
Ii2514901494
Ii2514901494
IJERA Editor
IRJET- Sandbox Technology
IRJET- Sandbox Technology
IRJET Journal
VTU network security(10 ec832) unit 6 notes
VTU network security(10 ec832) unit 6 notes
Jayanth Dwijesh H P
Security Threats and Vulnerabilities-2.pptx
Security Threats and Vulnerabilities-2.pptx
AmardeepKumar621436
43 automatic
43 automatic
aissmsblogs
01_Metasploit - The Elixir of Network Security
01_Metasploit - The Elixir of Network Security
Harish Chaudhary
Cryptography and system security
Cryptography and system security
Gary Mendonca
Day4
Day4
Jai4uk
Final project.ppt
Final project.ppt
shreyng
Module 7 (sniffers)
Module 7 (sniffers)
Wail Hassan
Exploits Attack on Windows Vulnerabilities
Exploits Attack on Windows Vulnerabilities
Amit Kumbhar
Presentation Prepared By: Mohamad Almajali
Presentation Prepared By: Mohamad Almajali
webhostingguy
Malware Freak Show
Malware Freak Show
n|u - The Open Security Community
Malware freak show
Malware freak show
sr1nu
Protecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropper
Shakas Technologies
Protecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropper
Shakas Technologies
Network security
Network security
Fekadu Abera
Network and web security
Network and web security
Nitesh Saitwal
Transforming Smart Building Cybersecurity Strategy for the Age of IoT
Transforming Smart Building Cybersecurity Strategy for the Age of IoT
Forescout Technologies Inc
Similar to Backdoor Entry to a Windows Computer
(20)
Remotely Scanning Organization’s Internal Network
Remotely Scanning Organization’s Internal Network
Ii2514901494
Ii2514901494
IRJET- Sandbox Technology
IRJET- Sandbox Technology
VTU network security(10 ec832) unit 6 notes
VTU network security(10 ec832) unit 6 notes
Security Threats and Vulnerabilities-2.pptx
Security Threats and Vulnerabilities-2.pptx
43 automatic
43 automatic
01_Metasploit - The Elixir of Network Security
01_Metasploit - The Elixir of Network Security
Cryptography and system security
Cryptography and system security
Day4
Day4
Final project.ppt
Final project.ppt
Module 7 (sniffers)
Module 7 (sniffers)
Exploits Attack on Windows Vulnerabilities
Exploits Attack on Windows Vulnerabilities
Presentation Prepared By: Mohamad Almajali
Presentation Prepared By: Mohamad Almajali
Malware Freak Show
Malware Freak Show
Malware freak show
Malware freak show
Protecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropper
Network security
Network security
Network and web security
Network and web security
Transforming Smart Building Cybersecurity Strategy for the Age of IoT
Transforming Smart Building Cybersecurity Strategy for the Age of IoT
More from IRJET Journal
TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
IRJET Journal
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
IRJET Journal
A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...
A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...
IRJET Journal
Effect of Camber and Angles of Attack on Airfoil Characteristics
Effect of Camber and Angles of Attack on Airfoil Characteristics
IRJET Journal
A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...
A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...
IRJET Journal
Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...
Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...
IRJET Journal
Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...
Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...
IRJET Journal
A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...
A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...
IRJET Journal
A REVIEW ON MACHINE LEARNING IN ADAS
A REVIEW ON MACHINE LEARNING IN ADAS
IRJET Journal
Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...
Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...
IRJET Journal
P.E.B. Framed Structure Design and Analysis Using STAAD Pro
P.E.B. Framed Structure Design and Analysis Using STAAD Pro
IRJET Journal
A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...
A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...
IRJET Journal
Survey Paper on Cloud-Based Secured Healthcare System
Survey Paper on Cloud-Based Secured Healthcare System
IRJET Journal
Review on studies and research on widening of existing concrete bridges
Review on studies and research on widening of existing concrete bridges
IRJET Journal
React based fullstack edtech web application
React based fullstack edtech web application
IRJET Journal
A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...
A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...
IRJET Journal
A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.
A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.
IRJET Journal
Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...
Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...
IRJET Journal
Multistoried and Multi Bay Steel Building Frame by using Seismic Design
Multistoried and Multi Bay Steel Building Frame by using Seismic Design
IRJET Journal
Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...
Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...
IRJET Journal
More from IRJET Journal
(20)
TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...
A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...
Effect of Camber and Angles of Attack on Airfoil Characteristics
Effect of Camber and Angles of Attack on Airfoil Characteristics
A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...
A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...
Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...
Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...
Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...
Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...
A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...
A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...
A REVIEW ON MACHINE LEARNING IN ADAS
A REVIEW ON MACHINE LEARNING IN ADAS
Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...
Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...
P.E.B. Framed Structure Design and Analysis Using STAAD Pro
P.E.B. Framed Structure Design and Analysis Using STAAD Pro
A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...
A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...
Survey Paper on Cloud-Based Secured Healthcare System
Survey Paper on Cloud-Based Secured Healthcare System
Review on studies and research on widening of existing concrete bridges
Review on studies and research on widening of existing concrete bridges
React based fullstack edtech web application
React based fullstack edtech web application
A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...
A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...
A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.
A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.
Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...
Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...
Multistoried and Multi Bay Steel Building Frame by using Seismic Design
Multistoried and Multi Bay Steel Building Frame by using Seismic Design
Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...
Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...
Recently uploaded
Current Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCL
DeelipZope
Biology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptx
DeepakSakkari2
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
ranjana rawat
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
ranjana rawat
Application of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptx
959SahilShah
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
Suhani Kapoor
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
Asst.prof M.Gokilavani
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
VICTOR MAESTRE RAMIREZ
chaitra-1.pptx fake news detection using machine learning
chaitra-1.pptx fake news detection using machine learning
misbanausheenparvam
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
9953056974 Low Rate Call Girls In Saket, Delhi NCR
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
Call Girls in Nagpur High Profile
SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )
Tsuyoshi Horigome
IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024
Mark Billinghurst
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
João Esperancinha
power system scada applications and uses
power system scada applications and uses
DevarapalliHaritha
What are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptx
wendy cai
Heart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptx
PoojaBan
Internship report on mechanical engineering
Internship report on mechanical engineering
malavadedarshan25
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
srsj9000
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur High Profile
Recently uploaded
(20)
Current Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCL
Biology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptx
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
Application of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptx
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
chaitra-1.pptx fake news detection using machine learning
chaitra-1.pptx fake news detection using machine learning
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )
IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
power system scada applications and uses
power system scada applications and uses
What are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptx
Heart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptx
Internship report on mechanical engineering
Internship report on mechanical engineering
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
Backdoor Entry to a Windows Computer
1.
International Research Journal
of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 10 Issue: 03 | Mar 2023 www.irjet.net p-ISSN: 2395-0072 © 2023, IRJET | Impact Factor value: 8.226 | ISO 9001:2008 Certified Journal | Page 1227 Backdoor Entry to a Windows Computer Ch. Kalpana1, V. Naga Rushikesh2, A. Srikanth3 1Student, Dept. of CSE, Sreenidhi Institute of Science and Technology, Telangana, India 2Student, Dept. of CSE, Sreenidhi Institute of Science and Technology, Telangana, India 3Student, Dept. of CSE, Sreenidhi Institute of Science and Technology, Telangana, India ---------------------------------------------------------------------***--------------------------------------------------------------------- Abstract - On any computer, there aretwoaccesspointsthat can be used for remote access. One requires usercredentials to connect while the other accesspointisalsoknownasbackdoor access point. It allows users to bypass security checks to login. The backdoor is a simple executable that gets installed on the target computer to get a reverse shell if needed. There are several ways to create a backdoor to a computer. A savvy attacker can easily create a custom backdoor. Most of these custom backdoors are easily recognized as malicious files by Windows security system. To solve this problem, we have developed an advanced backdoor that works like anormal file but works like a backdoor. Once installed, thebackdoorallows an attacker to retain access to the computer and make changes to it. Initially, access to the reverse shell obtained through the backdoor will have user privileges, and privilege escalation methods are used to access an administrator privilege shell. It is used to remotely access a computer using an RCE (Remote Code Execution) vulnerability. Key Words: Privileges, Access, Intruder, Remote Code Execution, Vulnerability 1.INTRODUCTION A backdoor is a method used by anyone (hackers, governments, computer scientists, etc.). - Allow remote access to your device without your permission or knowledge. Hackers can install backdoors on your deviceby using malware, exploitingvulnerabilitiesinyoursoftware,or even installing backdoors directly into your device's hardware/firmware. Once a hacker has logged into your machine without your knowledge, they can use a backdoor for a variety of reasons, such as: • Surveillance • Data theft • Cryptojacking • Sabotage • Malware attack. No one is safe from backdoor hacking, hackersareconstantly inventing new methods and new malicious files to gain access to users. 2. HOW DOES A BACKDOOR WORKS? Every computer system has an official means throughwhich users can access it. This typically includes an authentication system where users provide a password or some other type of credential to prove their identity. If a user authenticates successfully, they gain access to the system, but their permissions are limited to those assigned to their account.If this authentication system provides security, it can also inconvenience certain users, whether legitimate or illegitimate. System administrators may need to access systems remotely that do not allow remote access. An attacker may want to access a company's database server even if he does not have the necessary credentials to do so. System builders can include a default account to simplify setup, testing, and deploying system updates. In these cases, a backdoor can be inserted into the system. For example, a system administrator can configure a web shell on a server. When they want to access a server,theyvisittheappropriate website and can send commands directly to the server without authenticating or configuring company security policies to accept secure remote access protocols such as SSH. Fig-1: System Architecture 3. TYPES OF BACKDOOR Backdoors can take many forms. Some of the more common types include: Trojans: Most backdoor malware is designed to bypass an organization's defenses,allowingattackerstogaina foothold
2.
International Research Journal
of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 10 Issue: 03 | Mar 2023 www.irjet.net p-ISSN: 2395-0072 © 2023, IRJET | Impact Factor value: 8.226 | ISO 9001:2008 Certified Journal | Page 1228 in corporate systems. As such, they are often Trojans that masquerade as benign or desired files while containing malicious functionality, such as enabling remote access to the infected computer. Built-in backdoors: Device manufacturers may include backdoors in the form of default accounts, undocumented remote access systems, and similar functionality. Although these systems are usuallyonlyavailabletothemanufacturer, they are usually designed in such a way that they cannot be disabled and there is no backdoor to keep them secret forever, exposing these security holes to attackers. Web Shell: A Web Shell is a web page designed to receive user input and run in a system terminal. These backdoors are often installed by system and network administrators to facilitate remote access and management of corporate systems. Supply Chain Exploits: Web applications and other software often contain third-party libraries and code. An attacker could embed backdoor code into a library in the hope that it will be used in a corporateapplication,providing backdoor access to the system running the software. Fig-2 4. SCOPE AND OVERVIEW The project aims to create complete applications that can be used in a corporate environment. The application should be as simple as possible so that even a non-technical person can configure it. In this project, we use pythonprogrammingand use Socket, os and subprocess modules to implement the application. It's easy to understand. A backdoor is any means by which anyone can gain accessto a system by bypassing normal security measures. Some software often has backdoors built into its code, allowing engineers and developers to bypass their own defenses to solve user problems. Backdoor attacks involve cybercriminals using these access points to gain unauthorized access to data and systems. These incidents often go unnoticed, at least initially, because hackers don't have to compromise or force their way through network security systems. Once they gain remote access toa network or device, criminals can install malware, steal data, and monitor user activity. Fig-3 5. PROPOSED SYSTEM In the proposed system, we have used modules such as os, subprocess, socket, etc., through whichwecanfill thegapsin the existing system. Now in the proposed system we can modify the contents of the file, and in the proposed system the user/hacker information is also exposed. It is difficult to know who the hacker is. Network commands such as ipconfig, netsh are now also available in the proposed system. 6. EXISTING SYSTEM Backdoor access is nothing but access to target system and ability to perform any action in target system via user command prompt. But in the existing system, we can view/read but not modify the contents of specific files through the backdoor, and in the existing system, we cannot access network commands such as ipconfig, netsh, etc. Existing systems do not meet all hacker/administrator requirements. REVERSE TCP CONNECTION Reverse TCP connection TCP/IP or Transmission Control Protocol/Internet Protocol is the basic communication language of the Internet. The Internet uses TCP/IP to allow a computer to communicate with another computer over the Internet by assembling packets of data and sending them to the correct location. A basic firewall is used to block incoming connections. Reverse_tcp is where the attacker forces the host to establish a connection with the attacker. This is the basic idea of a reverse_tcp. TCP TCP/IP has 2 layers, TCP is responsible for taking the big data and assembling it into network packets and sending it to receive by another TCP layer which decodes the packets and breaks it down into changes of information useful.
3.
International Research Journal
of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 10 Issue: 03 | Mar 2023 www.irjet.net p-ISSN: 2395-0072 © 2023, IRJET | Impact Factor value: 8.226 | ISO 9001:2008 Certified Journal | Page 1229 IP IP or Internet Protocol is responsible for routing the assembled network packets to their intended location. The IP layer is like GPS for packets. THIS ATTACK USES 2 BASIC CONCEPTS BIND SHELL: This is a shell where the target machine opens a communication port or listener on the victim machine and waits for incoming connections. The attacker then connects to the victim machine's listener and issues the commands. REVERSE SHELL: This is a shell in which the target machine initiates a connectiontotheattackingmachine.Theattacking machine has a listening port that accepts connections, the use of which can lead to the execution of code or command. 7. REQUIREMENTS FUNCTIONAL REQUIREMENTS: Windows systems must be able to connect to remote computers over the Internet by sending CONNECT signals Linux systems must be able to receive CONNECT signals from remote computers and establish secure connections. PERFORMANCE REQUIREMENTS: System must be in recent Version. Robust and Scalability SOFTWARE REQUIREMENTS: Windows 7 Python 3 Linux OS Netcat tool HARDWARE REQUIREMENTS 2 computers with i5 processors 8gb RAM 10 GB free space 8. FEASIBILITY STUDY OPERATIONAL FEASIBILITY: The proposed system is advantageous because it turns into an information system capable of analyzing flows to meet the operational needs of the organization. In terms of security, the file is transferred to the destination and a confirmation is issued to the server. Bulk data transfers are sent without traffic. TECHNICAL FEASIBILITY: Technical feasibility focuses on existing computer systems (hardware, software, etc...) and the extent to which it can support the proposed addition. For example, if the current computer is running at 80% capacity. This involves additional hardware (RAM and 6 6 processors) which will increase the speed of the process. On the software side, the opensource PYTHON language is used. We can also use the Linux operating system. The technical requirement of this project is Socket module in python, software and normal hardware configuration is enough, so the system is more feasible on these standards. ECONOMIC FEASIBILITY: Economic feasibility is the most common method used to assess the effectiveness of candidate systems.Oftenreferred to as a cost/benefit analysis, the process involves determining the candidate's expected benefits and savings and comparing them to the costs.Ifthebenefitsoutweigh the costs. Then decide to design and implement the system. Otherwise, exit the system. The implementation of the system makes it useful for analyzing traffic. Therefore, its implementation does not require any additional equipment or materials. Therefore, its use is economically feasible. 9. MODULES AND SYSTEM DESIGN Fig-4 SOCKET MODULE: Socket programming is a methodofconnectingtwonodes on a network to communicate with each other. A socket (node) listens on a specific IP port, while another socket contacts other sockets to establish connections. When a client connects to a server, the server forms a listening socket. They are the real backbone of web browsing. Simply put, there is a server and a client. Socket programming starts with importing the socket library and creating a simple socket. import
4.
International Research Journal
of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 10 Issue: 03 | Mar 2023 www.irjet.net p-ISSN: 2395-0072 © 2023, IRJET | Impact Factor value: 8.226 | ISO 9001:2008 Certified Journal | Page 1230 sockets=socket.socket(socket.AF_INET,socket.SOCK_STREA M) Here we create a socket instance and passittwo parameters. The first parameter is AF_INET and the second is SOCK_STREAM. AF_INET refers to the ipv4 address family. SOCK_STREAM indicates a connection-oriented TCP protocol. We can now use this socket to connect to the server. THREADING: The "thread" module provides simple functionality and provides a higher-level interface into the threading module, which should be used. The first thing you need to do is import Thread by typing: from threadingimportThread The threading module, as mentioned earlier, has a Thread class to implement threads, which also contains a predefined method in multithreaded programming. They are: run(): as thread input start(): used to start a thread by calling run() isAlive(): used to check if there is output getName(): used for return a The thread name setName(): used to set the thread name OS MODULE: The Python OS module facilitates the interaction between the user and the operating system to build the system. It provides many useful operating system functions, used to perform operating system-based tasks and obtain relevant information about the operating system. The operating system is part of Python's standard utility modules. This module provides a portable way to use operating system dependent functions.os.name () - Provides the name of the OS system module it imports. os.mkdir() – used to create a new directory os.getcwd() – returns thecurrentworkingdirectory os.chdir() - changes the current working directory os.rmdir() - removes the specified directory an absolute or relative path os.popen() - opens a file or specified from the command it returns an object of return file connected to the pipe. os.close() - closes the file associated with the descriptor fr. SUBPROCESS MODULE: The subprocess module present in Python (2.x and 3.x) is used to run new applications or programs through Python code by creating new processes. It also helps to get entry/exit/error channels and exit codes from various commands. To start a new process, or in other words, a new sub-process in Python, you need to use the Popen function call. Two parameters can be passed in the function call. The first parameter is the program you want to start and the second is the file parameter. In the following example, you will use the Unix cat command with example.py as two arguments. The cat command, short for "concatenate", is widely used in Linux and Unix programming. Like "cat example.py". You can start any program unless you didn't create it. 10. ALGORITHMS USED REVERSE TCP ATTACK: When a host initiates a connection, we call it a forwarded connection. But otherwise, the server initiates a connection to the host, which we call a reverse connection (rare). A firewall works by blocking all incoming connections. Thus, all incoming connections (reverse connections) are blocked by the firewall. However, if the host initiates the connection (a forward connection), it is allowed, and a host-initiated return connection is allowed. Fig-5: Reverse TCP Basically, it is not the attacker who initiates a connection, which of course would be blocked by the firewall, but the device which initiates a connection to the attacker, which would be allowed by the firewall.fire,thentheattackertakes control of the device and goes through work. It is a type of reverse shell. Fig-6
5.
International Research Journal
of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 10 Issue: 03 | Mar 2023 www.irjet.net p-ISSN: 2395-0072 © 2023, IRJET | Impact Factor value: 8.226 | ISO 9001:2008 Certified Journal | Page 1231 11. CODE AND IMPLEMENTATION Fig-7: Code import os,socket,subprocess,threading; def s2p(s, p): while True: data = s.recv(1024) if len(data) > 0: p.stdin.write(data) p.stdin.flush() def p2s(s, p): while True: s.send(p.stdout.read(1)) s=socket.socket(socket.AF_INET,socket.SOCK_STREAM) s.connect(("192.168.0.114",4444)) p=subprocess.Popen(["windowssystem32cmd.exe"], stdout=subprocess.PIPE, stderr=subprocess.STDOUT, stdin=subprocess.PIPE) s2p_thread = threading.Thread(target=s2p, args=[s, p]) s2p_thread.daemon = True s2p_thread.start() p2s_thread = threading.Thread(target=p2s, args=[s, p]) p2s_thread.daemon = True p2s_thread.start() try: p.wait() except KeyboardInterrupt: s.close() It is necessary to have two Windows workstationsandLinux machines to set up this project. First create a python file and write the above script and save it with .pyw extension,it will run the python file in the background. Now thesystemstarts sending connection packets to the above IP address through the above port number. Now run the followingcommand on the Linux machine nc -nlvp 4444 This command uses the netcat tool to listen for any connection on port number 4444. If either machine sends a connection to the Linux machine, it will easily accept it and establish a connection between the two machines. The reverse TCP connection is established successfully, and the Windows system commandpromptisdisplayedontheLinux machine with user rights. 12. OUTPUTS Fig-8: Output-1 Fig-9: Output-2
6.
International Research Journal
of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 10 Issue: 03 | Mar 2023 www.irjet.net p-ISSN: 2395-0072 © 2023, IRJET | Impact Factor value: 8.226 | ISO 9001:2008 Certified Journal | Page 1232 13. CONCLUSION The technical advantage of backdoors is the ability to monitor remote systems. It is most likely to be used by software companies who can monitor employee computers to improve productivity. Parental monitoringisalsopossible with this backdoor software. Firewalls cannot detect backdoors as malware, so Windows computersprotected by firewalls are extremely vulnerable to backdoors that can be easily exploited and gain remote access. This backdoor has positive and negative uses. Some negative ways of using a backdoor are to establish a connectiontoa computerthat we do not have access to. The backdoors we created are for educational purposes only and cannot be used foranyillegal purpose. REFERENCES [1] Eman Esmaeel Hamed and Muna Majeed lafta, "Intrusion WindowsXP byBackdoorTool",Journal ofAl- NahrainUniversity,Vol.11(3),December,2008M. Young, The Technical Writer’s Handbook. Mill Valley, CA: University Science, 1989. [2] Chris Wysopal and Chris Eng, "Static Detection of Application of Backdoors", Veracode Inc. [3] Exploring windows back door – bypassing firewall on webhosting providers https://dl.packetstormsecurity.net/papers/general/my _research1.pdf
Download now