From the course: Ethical Hacking: Evading IDS, Firewalls, and Honeypots
Hiding with the cloak of invisibility
- [Instructor] Malware will go out of its way to hide once it's on the target system. If it can evade detection, it's more likely to accomplish its intended goals. Let's have a look at one way in which this works. I'm in a command shell and I'll go into my local user application directory by typing cd appdata\local. And I'll go into the Windows sub-sub-sub-directory by typing cd microsoft\windows. When I list the contents of the directory, there are a number of files and folders, but there's no history sub-directory. When I list hidden files, we can see there are a few, but there's still no history sub-directory. However, the history sub-directory does exist. We just can't see it. Let's try to change directories and go into it. That worked. Let's see what we've got here. We have a desktop.ini file, so let's have a look at what's inside it. This is the method Microsoft uses to hide folders. We can see it includes two…