From the course: Ethical Hacking: The Complete Malware Analysis Process
Analyzing black and grey energy
- The BlackEnergy trojan started life in 2007 as a denial-of-service attack module, and it's been fairly well analyzed now. It uses a PHP command and control system, accessed through HTTP, with a MySQL backend database for its configuration data. The command and control platforms are often Linux or BSD servers. The BlackEnergy command and control server has an informative help file written in Russian. It uses HTTP basic authentication as a password protection scheme to protect the botnet. Its configuration file enables a high level of customization of the denial-of-service attack, allowing the form of denial-of-service and the packet size and frequency to be configured. Its attacks include ICMP ping flooding, TCP SYN attacks, UDP flooding, HTTP GET request flooding, DNS flooding, and basic binary data flooding. BlackEnergy comes as a kit with a GUI configuration and build tool to make the botnet implants. It doesn't…