In this hack, we will be using Notepad++ as our example software that we will hijack its update, so you will need to install it on one system. This hack also leverages what we did in an earlier tutorial using a MitM attack, so you may want to read that one first. This will be one of the most complex hacks we've ever done on Null Byte, so if you're new to hacking, you may want to come back after doing bit of background work. Here we will be abusing trust, not an operating system or application. Unlike many of our hacks, this one is independent of just about any other factors such as operating system, ports, etc. What if, instead, when we're prompted to download that update, we are installing malicious software on our system that would give a malicious hacker control of our system? That's what we are going to do to our victim here! Exploiting "Trustworthy" Software UpdatesĪll of us have seen that message- software updates are available now! Invariably, we trust this message and download the update to presumably make our system work better, add a new feature, or make our system safer. In this hack, we'll look at abusing the trust that a user innately has for software updates to install our own listener/rootkit on their system. As systems become more and more secure, we need to be vigilant in our search for weaknesses. We must not overlook any of the possibilities if we want to "own" the system. There are innumerable ways to hack a system.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |