Pacdoor

Pacdoor is a proof-of-concept JavaScript malware implemented as a Proxy Auto-Configuration (PAC) File. Pacdoor includes a 2-way communication channel, ability to exfiltrate HTTPS URLs, disable access to cherry-picked URLs etc.

It was released as part of the Crippling HTTPS with Unholy PAC talk given at BlackHat USA 2016 conference by Itzik Kotler and Amit Klein from SafeBreach Labs.

Slides are availble here

Version

0.1.0

Installation

Pacdoor requires Python 2.7.x to run.

$ git clone https://github.com/SafeBreach-Labs/pacdoor.git
$ cd pacdoor
$ cd server
$ pip install -r requirements.txt

License

BSD 3-Clause



Pacdoor

Pacdoor是作为代理自动配置(PAC)文件实现的概念证明JavaScript恶意软件。 Pacdoor包括一个双向通信通道,能够渗透HTTPS URL,禁止访问樱桃选择的URL等。

它是作为使用Unholy PAC生成的HTTPS的一部分来自 SafeBreach实验室的Itzik Kotler和Amit Klein在BlackHat USA 2016会议上发表的演讲。

幻灯片可以这里< / a>

版本

0.1.0

安装

Pacdoor需要 Python 2.7.x才能运行。

$ git clone https://github.com/SafeBreach-Labs/pacdoor.git
$ cd pacdoor
$ cd server
$ pip install -r requirements.txt

许可证

BSD 3条款




相关问题推荐