31_200810-ISS-PRG-HACKINGTEAM

Shared by: Flavio Bernardotti
posted:
12/2/2011
pages:
28

REMOTE CONTROL SYSTEM V5.1

A Stealth, Spyware-Based System for Attacking, Infecting and Monitoring Computers and Smartphones. Full intelligence on target users even for encrypted communications (Skype, PGP, secure web mail, etc.)

D. Vincenzetti, V. Bedeschi

www.hackingteam.it

Offensive security technology

RCS - Remote Control System -

tool for Law Enforcement Agencies





David Vincenzetti

HT Srl - Italy

© Hacking Team

All Rights Reserved

Introduction









Hacking Team

- HT Srl is a 100% Italian company [...] Bedeschi and David Vincenzetti.
- Venture-backed in 2007 by two Italian VC [...] company is an active player in the IT security market and it o[...]al Hacking (pentest) services, security tools and intelligence instruments
- [...] security system which, in specific circumstances, allows Law Enforcement Agencies to attack and control target PCs from a remote location

What actually happens

- IT offensive security represents a new and highly innovative technology
- It's growing very [...] because of [...] such as terrorism, industrial espionage and insider trading
- Advanced use of [...] increasingly nervous
- [...] encrypted VoIP communications (Skype claims 300+ millions of [...]

What actually happens

- I[...]rypts online conversations by de[...]ation independent)
- Skype is likely to be one of [...] communication by tech-savvy criminals
- Then...
- Governments should use spyware-based wiretapping technologies (that is, offensive technologies) to foil tech-savvy criminals’ communications
- (Some countries still lack a law that would allow the authorities to spy on suspected criminals by secretly inserting “remote forensic software” into their computers)

Passive monitoring is useless against most encrypted communication systems (such as Skype)

Offensive security monitoring is highly effective on most communication systems

V07.09.25

Why IT offensive security

- [...] is a very attractive place for criminals:
  It's cheap, quick and easy to access
- IT offensive security systems can be complementary to more traditional passive IT monitoring solutions
- Governments need to have both defensive and offensive (IT) capabilities

IT offensive security scenarios:

- “Standard” criminal investigation (evidence gathering) per[...] such as Police and Tax Police.
- Intelligence gathering activities per[...] Security Agencies when cracking down terrorism and serious organized crimes.
- (Corporate scenario: when [...]ollar crimes, I.P. theft [...]

Remote Control System

- Remote Control System is an IT stealth investigative tool for LEAs (It is offensive security technology. It is spyware. It is a trojan horse. It is a bug. It is a monitoring tool. It is an attack tool. It is a tool for taking control of the endpoints, that is, the PCs)
- It permits passive monitoring and active control of [...]esses on selected target computers.
- Such computers might or might not be connected to the Internet.

Functionalities









Monitoring and Logging

Remote Control System can monitor and log any action per[...]uments
  - Chat, email, instant messaging
  - Remote Audio Spy
  - Camera snapshots
  - Skype (VoIP) conversations
  - ...

PC architectures

- Windows XP
- Windows 2003
- Windows Vista
- Q109: MAC OS
- Q409: Linux

Monitoring and Logging

Remote Control System can monitor and log any action per[...]eption
  - Localization (cell signal in[...]e calls interception
  - ...

Smartphones architectures

- Windows Mobile 5
- Windows Mobile 6
- Q109: iPhone
- Q409: RIM/BlackBerry
- Q409: Symbian

Invisibility

- Allows monitoring (all) PC user's activities
- A[...] cannot be detected by any bugged computer user
  - Existing [...]
  - No new [...] computer's hard disk
  - No new processes are executed
  - No new network connections are established
  - Antivirus, antispyware, anti-key-loggers cannot detect our bug
- E.g., Gartner Endpoint Security Magic Quadrant

Flexibility

- Goes beyond logging and monitoring
- Allows per[...]tions on a bugged computer
  - Search and view data on the hard disk
  - Execute commands remotely
  - Possibly modi[...]ontents
  - Trigger actions in response to events
    - Start sending data only when the screensaver is active, remove [...] itself [...]

Attack/Infection vectors

- [...]al device
- Which can be installed remotely
  - Computer can be bugged by means of [...]tion vectors
  - Intelligence in[...]tive

Remote installation

- Remote infection vectors
  - Executable melting tool
  - HTTP Injection Proxy
  - HT Zero-day Exploits library (library is “indirectly” accessed by customer)
  - HT consultancy: anonymous attack scenario analysis, attack cookbook
- E.g., Moving target using Skype

Local (physical) installation

- Local infection vectors
  - (Bootable) CD-ROM
  - (Bootable/Autorun) USB pen drive
  - Direct hard disk infection by means of [...] computer case
  - Firewire Port/PCMCIA attacks
  - HT consultancy: anonymous attack scenario analysis, attack cookbook
- E.g., Internet Caf[...]

Critical issues

Remote Control System could not work without the [...]tion capabilities (attack vectors)

4. Robustness & Scalability (being used by many clients in real security scenarios)

5. Centralized management of unlimited HETEROGENEOUS targets

g

www.hackingteam.it