Difference between revisions of "Poison Ivy"
m (1 revision imported) |
m (Text replacement - "=Unknown" to "=") |
||
(One intermediate revision by the same user not shown) | |||
Line 1: | Line 1: | ||
{{Botnet | {{Botnet | ||
|Target=Microsoft Windows | |||
|UserAgent= | |||
|CCProtocol=TCP/3360 | |||
|Status= | |||
|BeginYear= | |||
|EndYear= | |||
|Group=RAT, Spying, | |||
|Commercialisation=* Le RAT est disponible ici : http://www.poisonivy-rat.com/ | |Commercialisation=* Le RAT est disponible ici : http://www.poisonivy-rat.com/ | ||
|Language1=English | |Language1=English | ||
|OS2=Linux with Wine | |OS2=Linux with Wine | ||
|Vendor1=Shapeless | |Vendor1=Shapeless | ||
|Victime4= | |Victime4= |
Latest revision as of 15:44, 8 August 2015
(Botnet) Link to the old Wiki page : [1] / Google search: [2]
Poison Ivy | |
---|---|
Alias | |
Group | RAT, Spying |
Parent | |
Sibling | |
Family | |
Relations | Variants: Sibling of: |
Target | Microsoft Windows |
Origin | |
Distribution vector | |
UserAgent | |
CCProtocol | TCP/3360 (Port) |
Activity | / |
Status | |
Language | |
Programming language | |
Operation/Working group |
Introduction
Features
Associated images
Checksums / AV databases
Publications
- Server buffer overflow (Metasploit exploit) for version 2.3.2: http://www.metasploit.com/modules/exploit/windows/misc/poisonivy_bof
- Nmap script to detect the presence of PoisonIvy: http://alienvault-labs-garage.googlecode.com/files/poison_ivy.nse