Using operating system backdoors
In simple terms, a backdoor is a method that allows us to maintain access to a target machine without using normal authentication processes and remaining undetected. In this section, we will discuss several tools that can be used as backdoors to the operating system.
Cymothoa
Cymothoa is a backdoor tool that allows you to inject its shellcode into an existing process. The reason for this is to disguise it as a regular process. The backdoor should be able to coexist with the injected process in order to not arouse the suspicion of the administrator. Injecting shellcode to the process also has another advantage; if the target system has security tools that only monitor the integrity of executable files but do not perform checks of the memory, the process's backdoor will not be detected.
To run Cymothoa, just type the following command:
cymothoa
You will see the Cymothoa helper page. The mandatory options are the process ID (PID) -p to be injected and the...
