Data exfiltration tool PTP-RAT encodes data in pixel colour values

by helpnetsecurity 10/11/2017 at 12:35
Comments Off on Data exfiltration tool PTP-RAT encodes data in pixel colour values

How to exfiltrate data from a machine that doesn’t have file transfer capabilities or whose Remote Desktop Protocol (RDP) connection has been locked down, making it impossible to send files? PenTestPartners consultant Alan Monie has a solution: PTP-RAT (aka The Rat). About PTP-RAT PTP-RAT is a proof-of-concept tool for exfiltrating data over screen interfaces, and it does so by encoding the data meant for exfiltration in pixel color values and flashing the remote screen. This … More →