POC Installing rogue app and bypassing Event Log Viewer
Budget
Posted: 4 year ago
Opened
- Description
- I'm looking for someone who can craft a benign looking application such as an installer for a popular application, but while the installer is running I would like the application eMule 0.50a to be installed in its default directory with a populated server.met file loaded into the application. In order to prevent this aspect from showing up in the Windows Event Viewer Logs I'd like this malware to run only in memory or where it could not be forensically identified should the host hard drive be examined. A backdoor trojan can also be loaded into memory where someone would have remote access to the computer even if it's a simple trojan that can be captured by an antivirus scanner (but if it too can be hidden I would be much more grateful). This request is ethical only and will not be distributed to any other person over the internet and is only a proof of concept that I can use as an example in something like a court of law, teaching seminar, or general penetration testing on my own. It will only be shown to one other person as well to see if they can determine how it was performed and if it could be prevented in the future by another certified penetration tester. If this is possible or you need more information please let me know and I'll gladly give you more details. The most important part of the malware I'm looking for involves writing the eMule application to the computer along with loading a server.met file into it without being able to be logged by Windows Event Log Viewer - if it shows up on a forensic scan of the hard drive that is file as the files would be installed on the host hard drive so they would have to be discovered. Platforms are for Windows 10 and possibly Windows 8.1 x64. If you have any questions please message me. Thank you for your time.
Skills:
antispam/antivirus,forensics,malware,penetration testing,software development,system administration
- Category
Source: peopleperhour.com