Durandal's Backdoor (BSWR)

5 minutes
Video Transcription
Hello and welcome to another episode of Breaking Stuff with Robert. Today we're going to be talking about dbd, which is a portable netcat clone that offers some pretty good encryption and can run on both Unix and Windows-based systems. So let's jump right in.
The objectives of this particular lesson are to give you a high-level overview of dbd and some of its use cases that we'll fill out here in a demo. Our target audience for this tool is going to be network administrators maybe looking to securely transfer files, exploitation analysts that are looking to mimic system persistence activities, and, of course, penetration testers looking to maintain access during systems while conducting a penetration test.
Now, some prerequisites for the tool, useful but not required, are a fundamental knowledge of Kali command line utilization and a fundamental knowledge of persistence mechanisms. So with those things in mind, let's go ahead and jump into our demo.
All right, everybody, welcome to our demo environment. So today you may notice that I have a Windows command prompt up over here, and that is because this tool, in the tools category for Kali, is, like, for maintaining access. Now, as we said, you could do some other things with it. It's indicated that it can be used to securely transfer files.
It does, you know, handle encryption. As it said, it's a portable netcat clone, and it's got some, you know, decent encryption that it can do between two endpoints. For our purposes today, we're doing it from the standpoint of maintaining access to the system. So let's go ahead and jump right into this real quick. So we're going to imagine that this is my attacking machine.
So we'll put dbd in here, and we're going to listen on port 8080 in verbose mode. So we're now actively listening for that connection.
So I know that my IP for my Linux box is written here on the paper. So I've got 1 91 681251 38. So, since I'm in the binaries folder, we're just imagining here that I have managed to get these binaries into a directory on the system that I'm attacking. And just for demonstration here, we'll do dbd.
Um, we're going to want this to restart every 10 seconds. But maybe you do it much longer. Let's just say 1000 seconds, 2400 seconds. And we're going to run this as a process, or daemon; we're going to turn that on. It's going to be verbose. And we want it to execute a command prompt for us, and the machine that this should be calling back to is 125.138 on port 8080.
Bam. So as you can see, we're now running his old Ro Bear desktop, and I've got my connection back.
Now, let's just say for the sake of discussion that, uh, you know, you've gone ahead and created some kind of startup task. It's got a batch file that it runs this on. But for some reason, you know, this gets closed out or what have you, or we exit out. We say, you know, we need to go somewhere and do something like that. So it's running in the background. You come back from lunch or whatever the case may be, you start listening again, and within 10 seconds we've got that connection again.
So something to note here: antivirus ate this thing like it was nobody's business. And I did have to make some firewall changes before it connected out on my end. So kudos to me for being safe in that respect, but those are just things that you'll have to remember when you're working through an engagement.
So the way that I get this to stop doing what it's doing, you know, if we don't have a scheduled task, is I have to actually go into my Task Manager. And so we'll just show you for the demo here.
I know you're hiding in here.
There it is. So we see dbd right there. So if I go ahead and exit out of here and I start listening again, just to show you here that it will reconnect because that's running, we'd get a connection here.
Okay, now check this out.
We're dead at that point because we found that particular task or process, and we stopped it.
So now when we start listening again, we can't reconnect. But
if you've got some kind of startup task in place that's running this with maybe a batch file, and you've gotten the binaries in a directory that's, you know, somewhat isolated, and you may have to do some manipulation of the original files so that antivirus doesn't eat it. So there's some experimentation on that; do some testing.
But this is definitely a great way to establish and maintain access in an environment for testing purposes.
And so, with that in mind, let's go ahead and jump back over to our slides.
So I hope you enjoyed that demo of dbd. We again provided you with a high-level overview and showed you how you could use dbd to get a little bit of persistence going with some additional steps in an environment. And so with that in mind, I hope you enjoyed this today, and I thank you for your time and look forward to seeing you again soon.