Peligro en internet

Troyanos & Metasploit

Juan Francisco Bosco
Contact: boscofrancisco@gmail.com
Blog: http://www.magnobalt.com.ar
 Algunos Conceptos
Malware
Troyanos
Keyloger
Rootkits
Exploit
Botnet
Crimeware
…
 Parte 1

"El número de troyanos está creciendo, representan el

83% del maware detectado".
Creando un Troynao
 Conexión Reverse
Victima
190.45.43.3:2345

e cida
Hacker Est abl
ò n
ex i
Con

200.43.43.2:4444

Escuchando Puerto
(Ejemplo 4444)
Video #1

Conexión
Reverse
 Conexión Bind
Victima
190.45.43.3:4444

le cid a
Hacker E stab
n
exió Escuchando Puerto,
Con con Servicio

200.43.43.2:5467
Video #2

Conexión
Bind
 Ingenieria Social
Todos queremos ayudar.

El primer movimiento es siempre de

confianza hacia el otro.

No nos gusta decir No.

A todos nos gusta que nos alaben.

Parte 2
What is it?
The Metasploit Framework is both a penetration testing system
and a development platform for creating security tools and
exploits. The framework is used by network security professionals
to perform penetration tests, system administrators to verify patch
installations, product vendors to perform regression testing, and
security researchers world-wide. The framework is written in the
Ruby programming language and includes components written in C
and assembler.
What does it do?
The framework consists of tools, libraries, modules, and user
interfaces. The basic function of the framework is a module
launcher, allowing the user to configure an exploit module and
launch it at a target system. If the exploit succeeds, the payload is
executed on the target and the user is provided with a shell to
interact with the payload. Hundreds of exploits and dozens of
payload options are available.
Atacando IExplorer
Febrero 2010
¿Preguntas?

Juan Francisco Bosco

Contact: boscofrancisco@hotmail.com
Blog: http://www.magnobalt.com.ar