does netcat's SSL feature prevent the victim from tracking the hacker in any way?
#21
(04-25-2020, 03:57 PM)Dismal_0x8 Wrote:
QMark Wrote:Right so I mean if can SSL be used to obfuscate traffic? What I am saying is given that anonymity measures are taken separately, can SSL be used to prevent forensics experts from figuring out what you did, and thus help prevent them from arriving at the attackers door by tracking them based on forensic evidence?

Like wouldn’t it be a contributing factor?

No it would not. Unless you're talking about the likelihood that they detect you in the first place. But once they realize the traffic and your program as malicious it doesn't help you.

But is does help prevent from being detected to begin with?

That answers my question.
Reply
#22
(04-30-2020, 05:54 AM)QMark Wrote:
(04-25-2020, 03:57 PM)Dismal_0x8 Wrote:
QMark Wrote:Right so I mean if can SSL be used to obfuscate traffic? What I am saying is given that anonymity measures are taken separately, can SSL be used to prevent forensics experts from figuring out what you did, and thus help prevent them from arriving at the attackers door by tracking them based on forensic evidence?

Like wouldn’t it be a contributing factor?

No it would not. Unless you're talking about the likelihood that they detect you in the first place. But once they realize the traffic and your program as malicious it doesn't help you.

But is does help prevent from being detected to begin with?

That answers my question.
You got it
Reply
#23
(05-01-2020, 01:34 AM)Dismal_0x8 Wrote: You got it

So the simple answer to my question as to whether or not it would help prevent the hacker from getting caught is it would prevent people from knowing the hacker did what they did in the first place.

Would they not notice that damage was mysteriously done? Is that a lot more difficult if its a ghost hacker that just looks at information but rarely, if ever, does anything with it? You know like someone that breaks into things to see if they can and simply looks at different information somewhere as an interesting read and reward?
Reply
#24
(05-01-2020, 05:29 AM)QMark Wrote:
(05-01-2020, 01:34 AM)Dismal_0x8 Wrote: You got it

So the simple answer to my question as to whether or not it would help prevent the hacker from getting caught is it would prevent people from knowing the hacker did what they did in the first place.

Would they not notice that damage was mysteriously done? Is that a lot more difficult if its a ghost hacker that just looks at information but rarely, if ever, does anything with it? You know like someone that breaks into things to see if they can and simply looks at different information somewhere as an interesting read and reward?

To answer the first question, in a way... I guess you could look at it that way. The way it helps you is it prevents any IDS/IPS (intrusion detection/prevention system) or system admin from seeing your network traffic flowing between you and the shell, virus, or whatever. It does not help you after the malware or shell is discovered.
Second question: notice damage? I'm not sure what damage you're talking about. If a hacker simply broke in to look at information (not sure why you'd do this though) then yes, it would be more stealthy than if you fucked up stuff or whatever. That sounds almost like APT-type stuff. But you still have a process running on the system which can be seen, you still have network traffic which can be seen, and whether you like it or not it's hard to not appear in logs somewhere. If you're trying to do that grey-hat thing of break in and just "look" at information, first of all why would you "just look" at stuff? If you're really grey hat then fix the issue that allowed you in, leave a note for the system owner that tells them they have a problem and how to fix it. Keep in mind this is still illegal.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  How far does wifi pineapple reach? QMark 4 7,080 03-14-2019, 02:42 PM
Last Post: MuddyBucket
  Defeating TLS with SSL-Logs. QMark 3 5,064 08-29-2018, 11:19 AM
Last Post: illmanors
  /prevent-memcached-ddos kms 1 3,558 03-08-2018, 11:30 PM
Last Post: Insider