In the below issue of Hackin9 magazine they go over how to insert asm code into a binary while keeping it's functionality fully in tact. It specifically goes over how to insert a portion of code into putty.exe that will send the username and password of a ssh login attempt from a victim back to the attacker via HTTP GET prams. It's a great read. If you cannot find the article or magazine anywhere I would be willing to scan the article for you.
http://hakin9.org/magazine/580-no-backdoor-try-opening-the-windows <http://hakin9.org/magazine/580-no-backdoor-try-opening-the-windows>"Rogue Binaries – How to Own Software" On Tue, Dec 1, 2009 at 8:13 AM, Matthew Raspberry <[email protected]>wrote: > Hey all, > > I was listening to Pauldotcom episode 176 when Relic was talking about > manually embedding payloads into executables and I was wondering if someone > could point me to a book or website with more information on doing that? I > realize Metasploit has automated the process, I would just like to know how > it is done. I just recently got into IT Security, coming from a Sys Admin > job previously, and don't know too much about the more advanced topics. Any > help on this is appreciated. > > -- > Matt Raspberry > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com >
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
