I'm interested in using something like OllyDbg to learn about a program that potentially has trojan-like characteristics.
Does anyone know good tutorials on how to do this safely?
In principle, the program is a "bot" for a video game, but I suspect that it has back doors and/or uploads information that it collects (for example, passwords) to a remote server.
I would like to find the URLs or IPs that it is trying to connect to and not allow this, etc., so I guess this is a little more specific than a typical "hacking" program. What interests me most is the question of how to do this, and to prevent them, or to deceive it into thinking that it was successful.
Also, I am wondering how to track encrypted network traffic. How can I determine the keys and encryption algorithms that the program uses to encrypt what it sends over the network? (I ask because I am interested in creating a third-party client to emulate communication with the game server, and I cannot do this without knowing how to detect the keys used.)