Different to Google Hacking For Penetration Tester, The shark is the advance reverse connecting tool who are able to bypass the firewall to do remote control over a computer and is written using Visual Basic 6 (VB6)with the functions as follows:
- Supporting Random Startup and Random Servernames
- Desktop Preview in SIN Console
- Sortable and Configuratable SIN Console
- Remote Autostart Manager
- Optional Fwb++ (Process Injection, API Unhook)
- Folder Mirroring
- very userfriendly interface
- mRC4 Encrypted Traffic (New & Modded)
- zLib Compressed Traffic
- Highspeed, Stable Screen/Cam Capture
- Keylogger with highlight feature
- Remote Memory Execution & Injection
- VERY fast file manager/registry editor listing due to unique technique
- Anti: Debugger, VmWare, Norman Sandbox, Sandboxie, VirtualPC, Symantec Sandbox, Virtual Box
- And many others..
You know what comes into your mind when i tell you "RAT" ? Nope, this is not related to Narcs or Informants. RAT means Remote Administration Tools. In the old days, almost every security tester used to play with BackOrifice2 (famous Cult of the Dead Cow greatest software ).
As we know that in the previous day, a fellow security expert called me asking for help. He’s been told to keep an eye on some rogue computers that violate his organisation’s security policy. The computers were unauthorized to plug into the LAN without accepting security rules and policies.
He fired some old perl utilities (oldies but goodies), busted the IP addresses and successfully get connections to some rogue systems (he also knows metasploit kungfu), but he was unable to set and maintain a remote access.
I immediately suggested him a good RAT software among others* i’ve discovered when it first released to a "closed" circle of members. This tool is called SharK.
Understand how the enemy uses shark bites to penetrate the security system (not the mogalodon shark)
Download and survivors feel bite of sharks in the your lab.