Commands

A cyberweapon developed entirely by Fluid Attacks for in-depth penetration of workstations and critical servers during pentests where its use is authorized in our One-Shot Hacking Service.

Purpose

We are interested not only in finding vulnerabilities, but also in demonstrating to the client the potential risks and direct impact these vulnerabilities can have on their business. To do this, we must have control of multiple critical systems in order to create a network of infected nodes that we control to obtain sensitive information or further infect other nodes.


How we do it

In order to use FLUIDCommands, we first need administrative access to the vulnerable system. We achieve this through the manual tests executed by our experts. Once we have administrative access, we can proceed to remotely infect the first machine. With the first machine compromised and under our control, we can expand and infect other connected nodes or focus on this first machine. If we focus on the first infected machine, we can do an in-depth search for sensitive information or new and bigger attack vectors.

Zero Collateral Damage

It is important to note that the Commands cyberweapon is never installed on the vulnerable system as a service or as an automatically running task. Once all tests have concluded, it is remotely uninstalled without leaving any trace or collateral damage.

Control console
Image taken from DARPA

Command and Control Center

FLUIDCommands uses a Command and Control Center from which we can send orders, or commands, to our botnet of infected nodes. The Command and Control Center communicates with all infected nodes through a reverse proxy using ICMP, always giving us full control over our cyberweapon. With only one infected node, commands can spread remotely to neighboring systems.

Capture Feature

  • Screenshot: Through the scr command we can take a screen capture of the infected machine without alerting the victim.

  • Audio capture: Using the mic command we can open the victim's microphone and capture live audio.

  • Keylogger: The keylog command allows us to capture and log all of the victim's keystrokes in order to obtain sensitive data, such as credentials or credit card info.

Taking a screenshot
Running the psexec command

exec Feature

This feature allows us to remotely execute any command available through cmd on the infected machine.

echo Feature

This command is used to test the connection and ensure we have control of the infected node. It echoes back whatever we pass to it.

Running the echo command

Detection Evasion

Our cyberweapon avoids being detected by all AntiX and SOC controls by masking all requests and commands under a familiar and trusted protocol.

