A Hacker's Backdoor: Service Control Manager


00:00 - SCManager Persistence
00:27 - Explanation
01:21 - How it works
05:18 - Demo begin
08:00 - Changing security descriptor
12:12 - Creating a service
16:18 - Final Thoughts

🔥 YOUTUBE ALGORITHM ➡ Like, Comment, & Subscribe!
Comments
Author

These videos are always a great way to learn something without too much detail that I lose interest. Thanks for making such helpful content

DarkFaken
Author

Found this the other day on LinkedIn and it was dismissed as needing admin, however this has been informative! Thanks!

chrisweaver
Author

Information about access control list (ACL). Thanks John!

An access control list (ACL) is a list of access control entries (ACE). Each ACE in an ACL identifies a trustee and specifies the access rights allowed, denied, or audited for that trustee. The security descriptor for a securable object can contain two types of ACLs: a DACL and an SACL.

A discretionary access control list (DACL) identifies the trustees that are allowed or denied access to a securable object. When a process tries to access a securable object, the system checks the ACEs in the object's DACL to determine whether to grant access to it. If the object doesn't have a DACL, the system grants full access to everyone. If the object's DACL has no ACEs, the system denies all attempts to access the object because the DACL doesn't allow any access rights. The system checks the ACEs in sequence until it finds one or more ACEs that allow all the requested access rights, or until any of the requested access rights are denied.

A system access control list (SACL) allows administrators to log attempts to access a secured object. Each ACE specifies the types of access attempts by a specified trustee that cause the system to generate a record in the security event log. An ACE in an SACL can generate audit records when an access attempt fails, when it succeeds, or both.

Don't try to work directly with the contents of an ACL. To ensure that ACLs are semantically correct, use the appropriate functions to create and manipulate ACLs.

ACLs also provide access control to Microsoft Active Directory service objects. Active Directory Service Interfaces (ADSI) include routines to create and modify the contents of these ACLs.

perryuploads
Author
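The DACL evaluation rules quoted in the comment above, turned into a small checker as an added Python example (not code from the video, from John, or from Microsoft). It parses the D: part of an SDDL string of the kind `sc sdshow scmanager` prints, applies the rules to a token's trustees, and lists non-administrator trustees that end up able to create services; the rights table, the SID aliases used as trustees and both sample descriptors are constructed assumptions for the demo.

```python
import re

# SDDL rights tokens as sc.exe applies them to SCManager (CC=connect, DC=create
# service, LC=enumerate, SW=lock, RP=query lock status, WP=modify boot config,
# SD/RC/WD/WO standard rights; KA/GA mean all). Assumed subset, not a full table.
ALL_RIGHTS = frozenset("CC DC LC SW RP WP SD RC WD WO".split())

def parse_dacl(sddl):
    """Return (dacl_present, aces); each ACE is (type, rights, trustee) taken
    from the D: part of an SDDL string such as (A;;CCLCRPRC;;;AU)."""
    m = re.search(r"D:(.*?)(?:S:|$)", sddl)
    if m is None:
        return False, []  # the descriptor carries no DACL at all
    aces = []
    for body in re.findall(r"\(([^)]*)\)", m.group(1)):
        fields = body.split(";")
        if len(fields) != 6:
            raise ValueError("unsupported ACE (%s)" % body)
        toks = [fields[2][i:i + 2] for i in range(0, len(fields[2]), 2)]
        rights = ALL_RIGHTS if set(toks) & {"KA", "GA"} else frozenset(toks)
        aces.append((fields[0], rights, fields[5]))
    return True, aces

def access_check(sddl, token_sids, requested):
    """Rules from the comment above: no DACL grants all, an empty DACL denies all,
    allow ACEs for the token's trustees accumulate rights until every requested
    right is covered, and a deny ACE on a still-outstanding right ends in denial."""
    present, aces = parse_dacl(sddl)
    if not present:
        return True
    remaining = set(requested)
    for ace_type, rights, trustee in aces:
        if trustee not in token_sids:
            continue
        if ace_type == "A":
            remaining -= rights
        elif ace_type == "D" and rights & remaining:
            return False
    return not remaining

def unprivileged_service_creators(sddl, privileged=("BA", "SY")):
    """Trustees outside the privileged set that end up able to create services."""
    trustees = {t for _, _, t in parse_dacl(sddl)[1]} - set(privileged)
    return sorted(t for t in trustees if access_check(sddl, {t}, {"DC"}))

# Constructed descriptors: a baseline shaped like a stock SCManager DACL and a
# copy where one extra allow ACE hands Authenticated Users (AU) full rights.
BASELINE = ("D:(A;;CC;;;AU)(A;;CCLCRPRC;;;IU)(A;;CCLCRPRC;;;SU)"
            "(A;;CCLCRPWPRC;;;SY)(A;;KA;;;BA)(A;;CC;;;AC)S:(AU;FA;KA;;;WD)")
TAMPERED = BASELINE.replace("S:", "(A;;KA;;;AU)S:")
```

On the two constructed descriptors `unprivileged_service_creators` returns `[]` for the baseline and `['AU']` for the tampered copy, which is the kind of drift a scheduled comparison against a known-good descriptor would surface.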

Loving these living-off-the-land videos. I'm starting to get more and more into Windows Internals for sysadmin and security; really awesome timing that this video showed up.

fraznofire
Author

Great explanation and also great real example John. Thank you.

tomasgorda
Author

This video is full of powerful experiences!!! thanks for making such content!

obaidullahnoori
Author

John I love your work and you inspire me daily.

NahImPro
Author

I need to try it 😊 John, thank you for the tutorial!!

bnkzfp
Author

I did not understand much honestly.... But great video again! Thanks!

Polandisch
Author

For sc sdset it should not be as loud, based on the parameters provided. So that's the 3rd layer of detection via winevent logs. Cheers! Happy hunting

udotcarter
Author

I'm no cyber security expert but this seems like very overcomplicated UBA... You really have to dedicate yourself to the Microsoft world to fully understand the access control in Windows.

sam-urrz
Author

Bravo 👏🏼 Always fantastic content. Does a simple “revert all to defaults, e.g., fresh install” command(s) exist? Appreciate ya!

mmm-cake
Author

John why do you look so happy about this YT Video?

dcriley
Author

This video really spoke to me. I've been working in IT for a few years and am basically a beginner with some novice understanding of Microsoft and barely any knowledge of Linux. Does anyone here have any recommendations on where to start working in security with my profile? Like what courses (paid is fine, or free) should I start in order to get going?

vinceb
Author

We need a Linux version of this. How hackers backdoor into Linux desktops please!

therealb
Author

Would love to see more videos on macOS/iOS. Your videos are great but I'm not sure if they apply to me :(

gregsayshi
Author

It's all fun and games until the FBI kicks in your door at 4am

maddogmaz
Author

How about making a video explaining how to combat this backdoor, and what to do if it has already been executed on your PC?

liljoker
Author

I love the activate windows water mark lol

jimmyscott
Author

Microsoft still says (IIRC) that basically administrators are expected to be able to do this sort of thing, so if such an account is allowed to be run by a malicious actor, that's basically game over. On the other hand, if that's really the expectation, why do they keep trying to stop Mimikatz?

logiciananimal