基于kali的免杀木马技术研究.docVIP

PAGE 4 基于kali的免杀木马技术研究 摘要：现在的社会，信息化快速发展，开放的互联网不仅带给了人们极大的便利,也在快速传播恶意代码。黑客通过使用恶意程序攻击、隐藏在人们的计算机中,对受害用户的信息数据进行盗取、破坏、勒索，或者监控用户的行为等等操作。病毒与反病毒的对抗是计算机安全领域中最激烈，规模最大的博弈，这也是计算机安全领域中对抗爆发的地方。本文通过对杀毒软件原理机制以及免杀技术的研究，基于kali linux操作系统的工具，再从现实的角度出发，制作了三种免杀远控型木马，并在目前国内最流行的两家巨头安全厂商的杀毒软件下进行测试，分别是360安全卫士和腾讯安全管家。 在获取目标计算机的shell命令下，探索了在杀毒软件存在的情况下，后渗透测试的权限边界。 实验结果表明，本文制作的三种免杀木马能有效绕过360安全卫士、腾讯安全管家等杀毒软件，并在后渗透测试下能获取可观的靶机信息。 关键词：安全、kali linux、免杀木马、后渗透测试 Research based on Kali about Anti-Virus Trojan Technology Abstract:In todays society, the rapid development of information technology, the open Internet not only brings great convenience to people, but also quickly spread malicious code. Hackers use malicious programs to attack and hide in peoples computers, stealing, destroying, extorting the victims information data, or monitoring the users behavior. The confrontation between virus and antivirus is the most intense and largest game in the field of computer security, and this is also where the confrontation breaks out in the field of computer security. In this paper, through research on the principle mechanism of anti-virus software and anti-killing technology, based on the tools of kali linux operating system, and from a practical perspective, three anti-killing remote control Trojans have been produced and are currently the two most popular domestic giants Tested under antivirus software from security vendors, they are 360 Security Guard and Tencent Security Manager.Under the shell command of obtaining the target computer, the permission boundary of post-penetration testing in the presence of antivirus software was explored.The experimental results show that the three anti-killing Trojans made in this article can effectively bypass anti-virus software such as 360 security guards and Tencent security housekeeper, and can obtain considerable target aircraft information in post-penetration testing. Keywords: Security, kali linux, anti-virus, post-penetration testing 目 录 TOC \o 1-3 \h \