Closed

Trojan (MiTB) bot needed for security penetration testing

Any Experienced coders / developers please message me . Project budget ~€50,000-€100,000. You will be paid in stages of the development process.

MITB attacks begin with a system that is pre-infected with malware, typically a Trojan, which may infect an individual application or OS. This Trojan installs software (such as an extension) onto the target browser. Attacker traffic is masked by user traffic, thereby fooling even the sharpest user into thinking that nothing out of the ordinary is going on.

The Trojan infects the computer’s software, either OS or Application.

After the installation, it contacts the server in the control file and starts to wait for commands. The remote server may instruct the trojan to execute any of the following actions:

Update the trojan's main file

Remove the trojan from the system

Download, activate, and remove additional components (plugins)

The Trojan installs an extension into the browser configuration, so that it will be loaded next time the browser starts.

At some later time, the user restarts the browser.

The browser loads the extension.

The extension registers a handler for every page-load.

Whenever a page is loaded, the URL of the page is searched by the extension against a list of known sites targeted for attack.

The user logs in securely on to for example [login to view URL]

When the handler detects a page-load for a specific pattern in its targeted list (for example [login to view URL]) it registers a button event handler.

When the submit button is pressed, the extension extracts all data from all form fields through the DOM interface in the browser, and remembers the values.

The extension modifies the values through the DOM interface.

The extension tells the browser to continue to submit the form to the server.

The browser sends the form, including the modified values, to the server.

The server receives the modified values in the form as a normal request. The server cannot differentiate between the original values and the modified values, or detect the changes.

The server performs the transaction and generates a receipt.

The browser receives the receipt for the modified transaction.

The extension detects the [login to view URL] URL, scans the HTML for the receipt fields, and replaces the modified data in the receipt with the original data that it remembered in the HTML.

The browser displays the modified receipt with the original details.

The user thinks that the original transaction was received by the server intact and authorized correctly.

Trojan will enable attacker to record credidentals ,grab keystrokes , screenshots which will all be stored in an encrypted database which will be accessed via an admin page which only the hosts/attackers will have access to.

-Admin will be able to view the total number of infected browsers ( Based on how many infected devices connect back to the server ) TOTAL INFECTED = 40,000 . (Meaning 40,000 devices have successfully installed the Trojan and the

-Each infected Device will have a session which will display the following information

*How long the device has been infected

*Type of Device , Ie Model Etc

*Ip Address of the Device Etc

-Updated in real time as information is sent to the server .

-Commands and Predeveloped web injects scripts can be executed from the admin panel on each individual infected device . Commands such as keylogging , screenshot of web browser, uninstall web inject from chosen device .

-A Section to modify the data such as sort code and account number and the transaction amount

(Example )

Original AM =£500 **Modified AM =£1500

Original SC =44XYZ**Modified SC =88XYZ

Original AN =54XYZ* *Modified AN =19XYZ

Confirm<<<BUTTON TO CONFIRM CHANGES<.<.<.Modified Data will be Submitted to Server and the server will modify it as a normal request.>.>.>

Skills: Website Design, HTML, CSS, Anything Goes

See more: penetration testing india, penetration testing karachi, hotmail account creator bot needed, risk assessment penetration testing services india, open security penetration testing company, hacker needed security testing purposes, information security penetration testing companies sweden, application security penetration testing, freelance job websites list application security penetration testing web site security, rfp rfq tender penetration testing vulnerability assessment security testing security audit application security website securit, computer security and penetration testing, cyber security penetration testing salary, penetration testing security policy, what is cyber security penetration testing, why is it important to continuously conduct penetration testing for a strong security system?, cyber security penetration testing jobs, differentiate between security audit vulnerability assessment and penetration testing, email security penetration testing, comparing security audit vulnerability assessment and penetration testing, cyber security analysis using vulnerability assessment and penetration testing

About the Employer:
( 0 reviews ) Athlone, Ireland

Project ID: #30646730

3 freelancers are bidding on average €62000 for this job

mmadi

Hello Directoroluwa, How are you ? I have read your project description and would like to be considered for this project "Trojan (MiTB) bot needed for security penetration testing " I have worked with Anything Goes More

€50000 EUR in 12 days
(25 Reviews)
6.7
irfanui

Hi There, from brief I summarize that your Project Title is Trojan (MiTB) bot needed for security penetration testing Right? Sure i'll provide you with Quality Work. Please award me the project so that we can discuss More

€50000 EUR in 20 days
(8 Reviews)
4.3
(0 Reviews)
0.0