Checking for backdoor in windows application

asked 2021-07-07 22:19:45 +0000

I have a windows application that I'm trying to vet and see whether or not it "calls home" and sends my sensitive data, in other words, a backdoor. I have heard that someone was able to tell that a different application sent a config file to a server, how did they do this? Aren't the packets usually encrypted? Could Wireshark do this? My understanding of this topic is poor. Furthermore, I read a quote on a forum which concerns me:

"Example: I have a backdoor which is a sleeper. I extend my application, and then I trigger a port open through a certain packet the application looks for, then boing, I'm in the machine. Maybe today, 1 month, 1 year, 10 years. I don't know when. So running wireshark doesn't help."

I really need some insight here.

edit retag flag offensive close merge delete