This is because the only port-forwarding that should've been configured was at the server-side. The beauty of reverse shell is that we could've abused him from anywhere on the planet. It was constantly checking if the server is available, and once we started our server, we would reconnect. This way, whenever he was in the office, the script was running in the background. This only required us to set up his laptop to run the client on startup. Since this was a reverse shell attack, we (hackers) were the server, and the hacked person was the client. The script was split into two parts, the server and the client. The CTO (our team lead) was impressed, and we've got a green light to use all resources available to make this happen. It could execute various commands for us, SSH access, and the client had reverse shell backdoor in case the SSH was shutdown. About 3 hours later, at our backend team code review, we've had a prototype working. There he wrote a python program capable of a reverse shell with client and server code being together 65 lines. Luka's master's thesis gave us a good head start since he was writing about Methods of ethical hacking. Luckily for us, we always have free time, and we started working immediately. Our eyes lit up like children's in a candy shop. The CEO overheard us and suggested we should prank hack someone from the office if we had free time. Luka and I were drinking coffee, making jokes about hacking NASA. So it all started one sunny morning in the office kitchen. These methods should not be abused for purposes they are not meant to serve. Who would've imagined everyone in the office in that moment, were part of the prank that's being pulled on you?įirst of all, I want everyone to understand that what I am about to present is for educational purposes only. Then background changes to NSFW background, there are loud NSFW voices coming from your laptop, and CTO is giving you sh*t to turn it all down because the office is on fire (people rolling on the floor laughing). You start a meeting, and suddenly the computer goes crazy and starts playing pig noises at a full volume in the middle of the office. Finally, you get your connection, perform a factory reset and have a squeaky clean PC to work with. But the whole office is online, and we are all on the same Wi-Fi?!Īfter 20 min of troubleshooting, your laptop started working again. Your client's API is effectively returning you 404 your browser is returning 404, you are offline from the company's Slack for no apparent reason. Next thing you know, your internet is not working. Then suddenly, fishy NSFW websites start popping up. Your work is not saved and you are somewhat frustrated. Imagine one peaceful morning, you start working on your laptop and suddenly - your laptop starts restarting.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |