Any Experienced coders / developers please message me . Project budget ~€50,000-€100,000. You will be paid in stages of the development process.
MITB attacks begin with a system that is pre-infected with malware, typically a Trojan, which may infect an individual application or OS. This Trojan installs software (such as an extension) onto the target browser. Attacker traffic is masked by user traffic, thereby fooling even the sharpest user into thinking that nothing out of the ordinary is going on.
The Trojan infects the computer’s software, either OS or Application.
After the installation, it contacts the server in the control file and starts to wait for commands. The remote server may instruct the trojan to execute any of the following actions:
Update the trojan's main file
Remove the trojan from the system
Download, activate, and remove additional components (plugins)
The Trojan installs an extension into the browser configuration, so that it will be loaded next time the browser starts.
At some later time, the user restarts the browser.
The browser loads the extension.
The extension registers a handler for every page-load.
Whenever a page is loaded, the URL of the page is searched by the extension against a list of known sites targeted for attack.
The user logs in securely on to for example [login to view URL]
When the handler detects a page-load for a specific pattern in its targeted list (for example [login to view URL]) it registers a button event handler.
When the submit button is pressed, the extension extracts all data from all form fields through the DOM interface in the browser, and remembers the values.
The extension modifies the values through the DOM interface.
The extension tells the browser to continue to submit the form to the server.
The browser sends the form, including the modified values, to the server.
The server receives the modified values in the form as a normal request. The server cannot differentiate between the original values and the modified values, or detect the changes.
The server performs the transaction and generates a receipt.
The browser receives the receipt for the modified transaction.
The extension detects the [login to view URL] URL, scans the HTML for the receipt fields, and replaces the modified data in the receipt with the original data that it remembered in the HTML.
The browser displays the modified receipt with the original details.
The user thinks that the original transaction was received by the server intact and authorized correctly.
Trojan will enable attacker to record credidentals ,grab keystrokes , screenshots which will all be stored in an encrypted database which will be accessed via an admin page which only the hosts/attackers will have access to.
-Admin will be able to view the total number of infected browsers ( Based on how many infected devices connect back to the server ) TOTAL INFECTED = 40,000 . (Meaning 40,000 devices have successfully installed the Trojan and the
-Each infected Device will have a session which will display the following information
*How long the device has been infected
*Type of Device , Ie Model Etc
*Ip Address of the Device Etc
-Updated in real time as information is sent to the server .
-Commands and Predeveloped web injects scripts can be executed from the admin panel on each individual infected device . Commands such as keylogging , screenshot of web browser, uninstall web inject from chosen device .
-A Section to modify the data such as sort code and account number and the transaction amount
Original AM =£500 **Modified AM =£1500
Original SC =44XYZ**Modified SC =88XYZ
Original AN =54XYZ* *Modified AN =19XYZ
Confirm<<<BUTTON TO CONFIRM CHANGES<.<.<.Modified Data will be Submitted to Server and the server will modify it as a normal request.>.>.>