BPFDoor: a stealthy, Chinese nation-state backdoor | Threat SnapShot

  Рет қаралды 667

SnapAttack

SnapAttack

Күн бұрын

In this week's SnapShot, we take a look at BPFdoor -- a passive network implant for Linux attributed to Red Menshen, a Chinese threat actor group. This malware allows a threat actor to backdoor a system for remote command execution, without opening any new network ports or firewall rules. For example, if a web application exists on port 80, it can listen and react on the existing port 80, and the implant can be reached over the web application port (even with the web application running). This is because it uses Berkley Packet Filter (BPF) to monitor all network traffic.
In this video, we'll show how to get the implant and controller working and communicating together, discuss some detection strategies, as well as demonstrate a scanning tool to see if you have any compromised hosts in your network.
CHECK THESE OUT IN THE FREE, COMMUNITY EDITION OF OUR PLATFORM
www.snapattack...
ATTACK SESSION
app.snapattack...
ANALYTICS
app.snapattack...
app.snapattack...
SCANNING TOOL
github.com/sna...

Пікірлер: 3
@petarsimovic5628
@petarsimovic5628 2 жыл бұрын
Thanks, scanning now
@drmikeyg
@drmikeyg 2 жыл бұрын
I did subscribe and I'm following. Thanks for the scanner. You Guys Rock.
@SweetLouise-z4j
@SweetLouise-z4j Ай бұрын
028 Mitchel Point
小丑揭穿坏人的阴谋 #小丑 #天使 #shorts
00:35
好人小丑
Рет қаралды 29 МЛН
Сюрприз для Златы на день рождения
00:10
Victoria Portfolio
Рет қаралды 2,8 МЛН
When mom gets home, but you're in rollerblades.
00:40
Daniel LaBelle
Рет қаралды 104 МЛН
Это было очень близко...
00:10
Аришнев
Рет қаралды 6 МЛН
Kernelless Kernel Programming (eBPF) - Computerphile
19:12
Computerphile
Рет қаралды 74 М.
How TCP really works // Three-way handshake // TCP/IP Deep Dive
1:01:10
Operationalizing the 2024 M-Trends Report | Threat SnapShot
14:13
Coding a Web Server in 25 Lines - Computerphile
17:49
Computerphile
Рет қаралды 341 М.
The Tragedy of systemd
47:18
linux.conf.au
Рет қаралды 1,1 МЛН
Subnet Mask - Explained
17:55
PowerCert Animated Videos
Рет қаралды 2,9 МЛН
小丑揭穿坏人的阴谋 #小丑 #天使 #shorts
00:35
好人小丑
Рет қаралды 29 МЛН