Stealth Implant Development – Bachelor Thesis Project at FH OÖ Hagenberg
Developing a stealth implant to maintain controlled access within a target network represents a technical and key challenge for red team assessments, but it is feasible. Andreas demonstrated this in his bachelor's thesis at the University of Applied Sciences Upper Austria, Hagenberg Campus, which we supervised.
In addition to software development, physical factors such as camouflaging the device and ensuring a stable network connection also played a crucial role for the successful realization of the project.
This was solved by analyzing current IDS technologies in preparation for the development of the implant and identifying their protective mechanisms, allowing for various strategies to circumvent these protections. Once the circumvention methods were defined, a prototype of the stealth implant was developed, based on a Raspberry Pi Compute Module 4 with dual Gigabit Ethernet and 4G connectivity. This was then used to implement a custom software solution that enables semi-automated network manipulation and covert communication. In addition, a custom housing was designed and printed for the implant to camouflage the device using 3D printing.
The results of this thesis demonstrate that sustainable persistence in networks is feasible through a combination of hardware and software techniques. In practice, this should help red teams ensure persistent access to corporate networks without requiring laborious manual work before and during an assessment.
We are excited about the results of this interesting work and congratulate Andreas on graduating with an honors degree.