
Malware delivery

To deliver malware effectively, study your target's environment to identify vulnerabilities in their security measures, including antivirus (AV), endpoint detection and response (EDR), and mail protection systems.

One common method is to send the malware as an email attachment, either zipped to bypass mail protection or as a document with macros enabled. When the victim opens the attachment, the malware is executed, often downloading additional malicious payloads from a remote server.

You may also exploit vulnerabilities in software or services used by the target. For example, use a phishing email to trick a user into clicking a malicious link that exploits a vulnerability in their web browser or operating system.

In cases where the target has strong security measures in place, you may use social engineering tactics to trick users into disabling or bypassing security features, such as AV or EDR, themselves.

To avoid detection, it's important to understand the target's security measures. Identify which AV/EDR/mail protection products are being used and analyze how your sample can bypass detection. For instance, sending the malware in a zipped file or as a document with macros enabled can help evade mail detection.

However, be aware that as soon as the malware is unzipped, it will likely come to the attention of the EDR, requiring you to figure out how to evade detection. Alternatively, target a small company that does not have EDR, as many companies don't, and then AV won't detect it unless it matches a known signature.
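Seen from the receiving side, the zipped-attachment and macro-document delivery described in the post above is what a mail gateway has to unpack and flag before the message reaches a mailbox. The Python triage below is an added example, not part of the original thread; the function names, the nesting limit and the sample message are assumptions constructed for illustration, and flagging encrypted archive entries goes slightly beyond what the post mentions.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

MACRO_EXTS = (".docm", ".xlsm", ".pptm", ".dotm", ".xlam")
MAX_DEPTH = 3  # assumed limit on nested archives

def inspect_blob(name, data, depth=0):
    """Return findings for one attachment, recursing into zip containers."""
    findings = []
    if name.lower().endswith(MACRO_EXTS):
        findings.append(f"{name}: macro-enabled extension")
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return findings
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            inner = f"{name}!{info.filename}"
            if info.flag_bits & 0x1:  # bit 0 set: entry is encrypted, content is opaque
                findings.append(f"{inner}: encrypted, cannot be scanned")
            elif info.filename.lower().endswith("vbaproject.bin"):
                findings.append(f"{inner}: VBA project present")
            elif depth < MAX_DEPTH and info.file_size < 20_000_000:  # declared size cap
                findings += inspect_blob(inner, zf.read(info), depth + 1)
    return findings

def triage(raw_message):
    """Inspect every attachment of a raw RFC 5322 message."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        findings += inspect_blob(part.get_filename() or "unnamed", data)
    return findings

def build_sample():
    """Constructed sample: zip attachment holding a fake .docm (dummy bytes, no macro)."""
    doc = io.BytesIO()
    with zipfile.ZipFile(doc, "w") as z:
        z.writestr("word/document.xml", "<w:document/>")
        z.writestr("word/vbaProject.bin", b"\x00dummy")
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w") as z:
        z.writestr("report.docm", doc.getvalue())
        z.writestr("readme.txt", "hello")
    msg = EmailMessage()
    msg.set_content("constructed sample body")
    msg.add_attachment(outer.getvalue(), maintype="application", subtype="zip", filename="invoice.zip")
    return msg.as_bytes()
```

Calling `triage(build_sample())` reports both the macro-enabled file name inside the archive and the VBA project inside that file, which is the signal a gateway would use to quarantine or strip the attachment.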
 
ElektraEmber said:
To deliver malware effectively, study your target's environment to identify vulnerabilities in their security measures, including antivirus (AV), endpoint detection and response (EDR), and mail protection systems.

One common method is to send the malware as an email attachment, either zipped to bypass mail protection or as a document with macros enabled. When the victim opens the attachment, the malware is executed, often downloading additional malicious payloads from a remote server.

You may also exploit vulnerabilities in software or services used by the target. For example, use a phishing email to trick a user into clicking a malicious link that exploits a vulnerability in their web browser or operating system.

In cases where the target has strong security measures in place, you may use social engineering tactics to trick users into disabling or bypassing security features, such as AV or EDR, themselves.

To avoid detection, it's important to understand the target's security measures. Identify which AV/EDR/mail protection products are being used and analyze how your sample can bypass detection. For instance, sending the malware in a zipped file or as a document with macros enabled can help evade mail detection.

However, be aware that as soon as the malware is unzipped, it will likely come to the attention of the EDR, requiring you to figure out how to evade detection. Alternatively, target a small company that does not have EDR, as many companies don't, and then AV won't detect it unless it matches a known signature.

I want to know the possibility of practically re-targeting, without persistence at the BIOS or OS level.

What are the possible ways to infect the target by having them just open the email, not the attachment?

I think that in theory, there could be malicious JavaScript that, once executed, or an image that, once viewed, triggers a vulnerability in the browser and the OS. Is this likely? If it is, can I get this JavaScript exploit somewhere here?
 
You can infect a target by exploiting vulnerabilities in the browser or OS through malicious JavaScript or other content (drive-by download). The idea is to craft the malicious content in such a way that it exploits a vulnerability in the browser or its plugins, or in the OS. When the user visits a website or views an email containing the malicious content (using a hyperlink), the exploit triggers, and malware is downloaded and executed on the user's system without their knowledge.
However, exploiting such vulnerabilities can be complex and often requires a good understanding of both the target system and the vulnerabilities themselves. Modern browsers and OSes also have built-in security features that can make such attacks more difficult to execute successfully.



In short, it is possible, and you can get a JS exploit from here.

If you want to review some old JS samples to make your own, review this collection - https://github.com/HynekPetrak/javascript-malware-collection
Last edited: 01.03.2024
 
shi_su2 said:
I want to know the possibility of practically re-targeting, without persistence at the BIOS or OS level.

What are the possible ways to infect the target by having them just open the email, not the attachment?

I think that in theory, there could be malicious JavaScript that, once executed, or an image that, once viewed, triggers a vulnerability in the browser and the OS. Is this likely? If it is, can I get this JavaScript exploit somewhere here?

Just opening the email can't get the browser affected. They still have to click the link, so that they are redirected to a site where you have JavaScript code in the webpage to infect the browser.

If there's a way or possibility, please share your opinion on it.

Thank you :)
 
godslucy said:
Just opening the email can't get the browser affected. They still have to click the link, so that they are redirected to a site where you have JavaScript code in the webpage to infect the browser.

If there's a way or possibility, please share your opinion on it.

Thank you :)

What about sending the malicious JS in an email? I mean, maybe some way to embed it in the email such that it executes when the user views it. The email itself could include the JS exploit, could it not?
 
shi_su2 said:
How can I do this? And can I do this for Android APK files as well? Where do I buy this here?

With a landing page or fake app service site and delivering traffic to it. I can do this service for you and you can start your attacks.
 