New ElevenPaths Discovers: “NetcaTor, reverse shell via Tor”
One of the main challenges for an attacker is always the gathering of information concerning the victims computer while keeping a low profile so the attacker cannot be found or traced while doing it or anytime later.
In this research, our experts at ElevenPaths developed a proof of concept to show how simple it is to route a victim’s traffic though the tor network.
One of the weaknesses of the attackers when they´re exfiltrating compromised information is that they expose part of their technological infrastructure during the process. In this sense, the Tor network offers the possibility of making services in a machine accessible as hidden services, by taking advantage of the anonymity it offers and thereby preventing the real location of the machine from being exposed. ElevenPaths unveils the technical possibility this offers a hypothetical attacker for covering his tracks by being able to route his victim´s traffic through Tor.