Anatomy of a Hacker Attack
Phase 3 - Download and Execute Software
Once a weakness is found, it is typically used to download one
or several executable files to the target computer. The hacker might use a
buffer overflow, an e-mail or a web browser bug to initiate this phase.
Although there are many
publicly available hacker tools on the Internet, the professional hacker will
probably custom build his own executable tools. This means that normal
virus protection software will not be able to recognize them.
Hacker tools can be used to perform most of the tasks the
hacker wants, more or less as if he were physically present in front of the
computer. They can also be designed for very specific purposes, such as
elevating privileges or bypassing security controls some other way. Yet other tools may
be used to hide the fact that the computer has been hijacked.
If the hacker gets past phase three, the game is basically up.
Once he is able to execute arbitrary code on your computer, there will not be
much holding him back.
Copyright © 2002 Abtrusion Security AB.
All rights reserved. This document may be reproduced provided that it is
reproduced in its entirety and that this copyright message is retained.