Trojan horses :
Torjan's are most common tool for hackers.Trojan’s are probably the most compromising of all types of attacks.
Trojans are being released by the hundreds every week, each more
cleverly designed that the other. We all know the story of the
Trojan horse probably the greatest strategic move ever made.
Trojans are definitely one of the tools that “hackers” use.
Some common features with Trojans are as follows:
• Open your CD-Rom drive
• Capture a screenshot of your computer
• Record your key strokes and send them to the “Hacker”
• Full Access to all your drives and files
• Ability to use your computer as a bridge to do other
hacking related activities.
• Disable your keyboard
• Disable your mouse…and more!
Let’s take a closer look at a couple of more popular
Trojans:
• Netbus
• SubSeven
The Netbus Trojan has two parts to it as almost all Trojans do.
There is a Client and a Server. The server is the file that
would have to get installed on your system in order to have
your system compromised.
There are hundreds of Trojans. To list them all would make
this manual extremely long. For definition purposes we’ll focus
on a couple.
Sub Seven :
The Sub Seven Trojan has many features and capabilities.
is in my opinion by far the most advance Trojan I have see
Take a look at some of the features of Sub Seven.
• address book
• WWP Pager Retriever
• UIN2IP
• remote IP scanner
• host lookup
• get Windows CD-KEY
• update victim from URL
• ICQ takeover
• FTP root folder
• retrieve dial-up passwords along with phone numbers
and usernames
• port redirect
• IRC bot. for a list of commands
• File Manager bookmarks
• make folder, delete folder [empty or full]
• process manager
• text 2 speech
• Restart server
• Aol Instant Messenger Spy
• Yahoo Messenger Spy
• Microsoft Messenger Spy
• Retrieve list of ICQ uins and passwords
• Retrieve list of AIM users and passwords
• App Redirect
• Edit file
• Perform clicks on victim's desktop
• Set/Change Screen Saver settings [Scrolling Marquee]
• Restart Windows [see below]
• Ping server
• Compress/Decompress files before and after transfers
• The Matrix
• Ultra Fast IP scanner
• IP Tool [Resolve Host names/Ping IP addresses]
• Get victim's home info [not possible on all servers]:
- Address
- Bussiness name
- City
- Company
- Country
- Customer type
- E-Mail
- Real name
- State
- City code
- Country code
- Local Phone
- Zip code
Netbus:
NetBus is an older Trojan however nonetheless is still used.
It consists of a server and a client-part. The server-
part is the program which must be running on your
computer. This should give you an idea of what Netbus is
capable of.
Netbus Features:
• Open/close the CD-ROM once or in intervals (specified in
seconds).
• Show optional image. If no full path of the image is given it
will look for it in the Patch-directory. The supported image-
formats is BMP and JPG .
• Swap mouse buttons – the right mouse button gets the left
mouse button’s functions and vice versa.
• Start optional application.
• Play optional sound-file. If no full path of the sound-file is
given it will look for it in the Patch-directory. The supported
sound-format is WAV.
• Point the mouse to optional coordinates. You can even
navigate the mouse on the target computer with your own.
• Show a message dialog on the screen. The answer is always
sent back to you.
• Shutdown the system, logoff the user etc.
• Go to an optional URL within the default web-browser.
• Send keystrokes to the active application on the target
computer. The text in the field ”Message/text” will be
inserted in the application that has focus. (”|” represents
enter).
• Listen for keystrokes and send them back to you.
• Get a screendump (should not be used over slow
connections).
• Return information about the target computer.
• Upload any file from you to the target computer. With this
feature it will be possible to remotely update Patch with a
new version.
• Increase and decrease the sound-volume.
• Record sounds that the microphone catch. The sound is sent
back to you.
• Make click sounds every time a key is pressed.
• Download and deletion of any file from the target. You
choose which file you wish to download/delete in a view that
represents the harddisks on the target.
• Keys (letters) on the keyboard can be disabled.
• Password-protection management.
• Show, kill and focus windows on the system.
• Redirect data on a specified TCP-port to another host and
port.
• Redirect console applications I/O to a specified TCP-port
(telnet the host at the specified port to interact with the
application).
• Configure the server-exe with options like TCP-port and mail
notification.
cleverly designed that the other. We all know the story of the
Trojan horse probably the greatest strategic move ever made.
Trojans are definitely one of the tools that “hackers” use.
Some common features with Trojans are as follows:
• Open your CD-Rom drive
• Capture a screenshot of your computer
• Record your key strokes and send them to the “Hacker”
• Full Access to all your drives and files
• Ability to use your computer as a bridge to do other
hacking related activities.
• Disable your keyboard
• Disable your mouse…and more!
Let’s take a closer look at a couple of more popular
Trojans:
• Netbus
• SubSeven
The Netbus Trojan has two parts to it as almost all Trojans do.
There is a Client and a Server. The server is the file that
would have to get installed on your system in order to have
your system compromised.
There are hundreds of Trojans. To list them all would make
this manual extremely long. For definition purposes we’ll focus
on a couple.
Sub Seven :
The Sub Seven Trojan has many features and capabilities.
is in my opinion by far the most advance Trojan I have see
Take a look at some of the features of Sub Seven.
• address book
• WWP Pager Retriever
• UIN2IP
• remote IP scanner
• host lookup
• get Windows CD-KEY
• update victim from URL
• ICQ takeover
• FTP root folder
• retrieve dial-up passwords along with phone numbers
and usernames
• port redirect
• IRC bot. for a list of commands
• File Manager bookmarks
• make folder, delete folder [empty or full]
• process manager
• text 2 speech
• Restart server
• Aol Instant Messenger Spy
• Yahoo Messenger Spy
• Microsoft Messenger Spy
• Retrieve list of ICQ uins and passwords
• Retrieve list of AIM users and passwords
• App Redirect
• Edit file
• Perform clicks on victim's desktop
• Set/Change Screen Saver settings [Scrolling Marquee]
• Restart Windows [see below]
• Ping server
• Compress/Decompress files before and after transfers
• The Matrix
• Ultra Fast IP scanner
• IP Tool [Resolve Host names/Ping IP addresses]
• Get victim's home info [not possible on all servers]:
- Address
- Bussiness name
- City
- Company
- Country
- Customer type
- Real name
- State
- City code
- Country code
- Local Phone
- Zip code
Netbus:
NetBus is an older Trojan however nonetheless is still used.
It consists of a server and a client-part. The server-
part is the program which must be running on your
computer. This should give you an idea of what Netbus is
capable of.
Netbus Features:
• Open/close the CD-ROM once or in intervals (specified in
seconds).
• Show optional image. If no full path of the image is given it
will look for it in the Patch-directory. The supported image-
formats is BMP and JPG .
• Swap mouse buttons – the right mouse button gets the left
mouse button’s functions and vice versa.
• Start optional application.
• Play optional sound-file. If no full path of the sound-file is
given it will look for it in the Patch-directory. The supported
sound-format is WAV.
• Point the mouse to optional coordinates. You can even
navigate the mouse on the target computer with your own.
• Show a message dialog on the screen. The answer is always
sent back to you.
• Shutdown the system, logoff the user etc.
• Go to an optional URL within the default web-browser.
• Send keystrokes to the active application on the target
computer. The text in the field ”Message/text” will be
inserted in the application that has focus. (”|” represents
enter).
• Listen for keystrokes and send them back to you.
• Get a screendump (should not be used over slow
connections).
• Return information about the target computer.
• Upload any file from you to the target computer. With this
feature it will be possible to remotely update Patch with a
new version.
• Increase and decrease the sound-volume.
• Record sounds that the microphone catch. The sound is sent
back to you.
• Make click sounds every time a key is pressed.
• Download and deletion of any file from the target. You
choose which file you wish to download/delete in a view that
represents the harddisks on the target.
• Keys (letters) on the keyboard can be disabled.
• Password-protection management.
• Show, kill and focus windows on the system.
• Redirect data on a specified TCP-port to another host and
port.
• Redirect console applications I/O to a specified TCP-port
(telnet the host at the specified port to interact with the
application).
• Configure the server-exe with options like TCP-port and mail
notification.
Posts
No comments:
Post a Comment