![]() ![]() In this Lab I'm using Windows 7 SP1 virtual machine. To make this easier in this lab, I copied the Example.exe file in the shared network location. Now, we need to use any technique to send this server to the intended target through mail or any other way. ![]() Save the file on the Desktop and name as Example.exe. On the Builder dialog-box, enter the IP address of the Attacker machine - Windows 10, check the option Copy to StartUp and Registry StarUp, then click Build as shown below: Use the default port number 5552, and click Start. Launch the njRAT, the GUI appears along with a pop-up, where you need to specify the port you want to use to interact with the target machine. Log in to the Windows 10 and install the njRAT. The attacker can further create and configure the malware to spread through USB drives with the help of the Command and Control server software. The njRAT Trojan can be used to control Botnets (network of computers), allowing the attacker to update, uninstall, disconnect, restart, close the RAT, and rename its compaign ID. It can download and execute additional malware, execute shell commands, read and write registry keys, capture screenshots, log keystrokes, and spy on webcams. It infects victims via phishing attacks and drive by downloads and propagates through infected USB keys or networked drives. RATs help an attacker to remotely access complete GUI, control victim's computer without his or her awareness and are capable of performing screening and camera capture, code execution, keylogging, file access, password sniffing, registry management, and so on. In addition to loggin keystrokes, it is capable of accessing a victim's camera, stealing credentials stored in browsers, uploading and downloading files, performing the process and file manipulations, and viewing the victim's desktop. NjRAT is a RAT with powerful data-stealing capabilities. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |