remote control system v5.1 - WikiLeaks

users) by residential and business users, is a nightmare for LEAs ... Skype is ubiquitous (same phone number, location .
REMOTE CONTROL SYSTEM V5.1

A Stealth, Spyware-based System for Attacking, Infecting and Monitoring Computers and Smartphones.

Full intelligence on target users even for encrypted communications (Skype, PGP, secure web mail, etc.)

D. Vincenzetti, V. Bedeschi

www.hackingteam.it

Offensive security technology

RCS - Remote Control System tool for Law Enforcement Agencies

David Vincenzetti, HT Srl - Italy

© Hacking Team All Rights Reserved

Introduction

Hacking Team

- HT Srl is a 100% Italian company [...]hi and David Vincenzetti. Venture backed in 2007 by two Italian VC [...]ked
- The company is an active player in the IT security market and it [...] to attack and control target PCs from a remote location

What actually happens

- IT o[...]hnology
- It's growing very fast because of phenomena such as terrorism, industrial espionage and insider trading
- Advanced use of the Internet by terrorists makes LEAs increasingly nervous
- Example: the exponential growth of encrypted VoIP communications (Skype claims 300+ millions of users) by residential and business users, is a nightmare for LEAs

What actually happens

- I[...]rypts online conversations by de[...]ation independent)
- Skype is likely to be one of the [...]ommunication by tech-savvy criminals

Then...

- Governments should use spyware-based wiretapping technologies (that is, offensive technologies) to foil tech-savvy criminals’ communications
- (Some countries still lack a law that would allow the authorities to spy on suspected criminals by secretly inserting “remote forensic software” into their computers)

Passive monitoring is useless against most encrypted communication systems (such as Skype)

O[...]ation systems

V07.09.25

Wh[...] IT [...]enario: when [...]ollar crimes, I.P. the[...]

Remote Control System

- Remote Control System is an IT stealth investigative tool for LEAs. (It is offensive security technology. It is spyware. It is a trojan horse. It is a bug. It is a monitoring tool. It is an attack tool. It is a tool for taking control of the endpoints, that is, the PCs)
- It permits passive monitoring and active control of all data and processes on selected target computers.
- Such computers might or might not be connected to the Internet.

Functionalities

Monitoring and Logging

Remote Control System can monitor and log any action per[...]uments

- Chat, email, instant messaging
- Remote Audio Spy
- Camera snapshots
- Skype (VoIP) conversations
- ...

PC architectures

- Windows XP
- Windows 2003
- Windows Vista
- Q109: MAC OS
- Q409: Linux

Monitoring and Logging

Remote Control System can monitor and log any action per[...]e calls interception

- ...

Smartphones architectures

- Windows Mobile 5
- Windows Mobile 6
- Q109: iPhone
- Q409: RIM/BlackBerry
- Q409: Symbian

Invisibility

- Allows monitoring (all) PC user's activi[...]
- Which can be installed remotely
- Computer can be bugged by means of [...]tors
- [...]ce in[...]utable melting tool
- HTTP Injection Proxy
- HT Zero-day Exploits library (library is “indirectly” accessed by customer)
- HT consultancy: anonymous attack scenario analysis, attack cookbook
- E.g., Moving target using Skype

Local (physical) installation

Local infection vectors

- (Bootable) CD-ROM
- (Bootable/Autorun) USB pen drive
- Direct hard disk infection by means of [...]omputer case
- [...]are Port/PCMCIA attacks
- HT consultancy: anonymous attack scenario analysis, attack cookbook
- E.g., Internet Ca[...]ould not work without the scalability (being used by many c[...] in real security scenarios)

Centralized management of unlimited HETEROGENEOUS targets

www.hackingteam.it