A PROXY VIRUS CAN DO THIS! HOW EASY... 😲

Tech Raj

ethical hacking internet hacking man in the middle attack network hacking proxy automatically turning on proxy malware proxy server in python proxy virus proxy virus removal python proxy remove virus sniffing data stealing http data tech raj virus what is man in the middle attack

description

To learn about what is a USB Rubber Ducky, watch this video : https://goo.gl/4y8g3y

A week back I’m browsing Internet on my Windows PC and all of a sudden I couldn’t access the internet. There is no problem with the Internet connection as all of my other devices are still able to access the Internet. So, I checked the proxy settings on my Windows PC and realised that a proxy address is created without my knowledge. I immediately turned off the proxy and tried accessing the Internet but still I couldn’t access it. I checked my proxy settings and my proxy is again automatically turned on.

I then realised that it is a malware trying to turn on my proxy settings automatically. I somehow got rid got rid of the malware. But I want to show you guys why it is so bad if your PC is connected to a proxy without your knowledge.

So, I decided to create a malware like that myself and show you how it works and what It does.

First, I’ve written a python script which will listen to the address 127.0.0.1 (which is localhost) and on the port 1560.

So if we just change the proxy settings of a PC to this address and port, our script can receive and send the data to the browsers. Once the data is received by my script, I’m forwarding this data to a particular host on a particular port number. This particular host and particular port is going to be the server of the attacker (in this case, me). Once my script sends the data to the server, it also waits for a response back from the server. Once it receives the response back from the server, it forwards this response to the web browser of the PC.

So, this makes a simple python script which is to be run on the victim’s PC (which in this case, Is my friend’s PC). I will now save this script on the Internet so that it can be downloaded when needed on to the victim’s PC

Now I need to write another script which will capture or sniff the data that the script on victim’s PC is sending. This script should be run on a server, so that the data can be received and sent to the victim’s PC from anywhere on the Internet at any time.

But since I don’t have a personal server, I will use my MacBook as the server with the help of ngrok. Using ngrok I first create a secure tunnel from my localhost to the ngrok server.

By doing this, my localhost will be accessible anywhere on the Internet with the address of ngrok and a unique port number.

I then write the script which needs to be run on the attacker’s machine in-order to act as a man in the middle and sniff data. First I’m listening to 127.0.0.1 and port 1234. Also remember that I’ve already configured ngrok to create a tunnel from my localhost with port 1234 to ngrok’s server.

So, whenever I’m listening to 127.0.0.1 with port 1234 it means that ... https://www.youtube.com/watch?v=IK9jaQEBZ5U

created

2021-06-03

staked

0.0 LBC

license

Copyrighted (contact publisher)

File size

64731412 Bytes