To start with, a vulnerability is a weakness in the target system which creates a security risk - that it can be exploited.
An exploit is a way, a piece of code that can trigger & take advantage of a vulnerability.
A payload is the actual component in the attack which 'do' things for an attacker.
Therefore, a payload must have at least 2 components in it:
1. Communications capability - set up communication channel for the attacker
2. Functionality - defines what all actions an attacker can perform
Metasploit provides 2 types of payloads:
In continuation to reverse engineering malware series, this is the fifth post. I will recommend that you read my first, second, third and fourth posts to be in sync with whole exercise. In previous posts, we performed behavioral and code analysis of the malware specimen - slackbot. We identified that the bot executable was packed with UPX packer. Since UPX has native unpacking capabilities as well, we had unpacked the specimen exe and learnt more about its code & operations during code analysis. Subsequently we were able to gain control over the bot.
This is in continuation to my previous posts on reverse engineering malware. Therefore, I would strongly recommend that you go through the posts one, two, and three, before moving forth with this one. If you recall, in the last post, we used disassembling and debugging techniques on the specimen to our utility and successfully identified the correct IRC login password. But is there a way to simply modify or bypass this whole password protection mechanism in the bot? If authentication process can be controlled, that'd be awesome. So, here it is; this post will show you just that.