Trojan Advice?

John11 · Post by **John11** » 16 Jul 2007, 09:00

Hey guys,

Im new here this site is awesome i had learned quite a lot and its only been a day! I was just hoping somebody could help me with a couple of questions

Ok Tropjans, i have downloded and tryed a few from the suck-o downloads section, i have done research in these forums to save asking the same questions as i no thats annoying for admins

i have been testing the trojans with a friend, i will send him the server he will run it, and i will try to connect to him but i never seem to get a connected, he opened port 2000 just for a test and i still cant seem to connect to him, i even run superscan4 on both him and my i.p after opening ports and that program dosent show me any open ports, any advice would be greatly appreciated guys

Post by **bad_brain** » 16 Jul 2007, 09:09

are you sure you're trying to connect to the right port? I recommend to get TCPview from the downloads, and then check the listening ports when running the trojan server....

John11 · Post by **John11** » 16 Jul 2007, 09:12

Im quite sure im trying to connect to the right port but not 100%, will do that bad_brain, thanks a lot ill give it a go

! x

Post by **ayu** » 16 Jul 2007, 09:22

Is your friend opening a port in his firewall on his computer?....and does he have a router?

John11 · Post by **John11** » 16 Jul 2007, 09:57

he opened the ports on his router through his pc mm

can we go back to basics?

1 - Recommend most 'easy-to-use/most-succesfull' trojan: ?
2 - Obtain users i.p: Easy todo.
3 - Get user to enable trojan: circumstancial.
4 - Find open ports speicific to the user: mm superscan4 dosent seem to obtain them? suggestions? seems to be biggest hurdle (for me)

would somebody mind giving advice on that ^^

xx thankyou

Post by **bad_brain** » 16 Jul 2007, 13:12

superscan is just scanning a list of common ports per default, have you added the port you're looking for to the list?
was the server shown as listening on the target machine when you checked it with netstat?

been a while since I played with RATs, but for a quick test on LAN or together with a buddy good old sub7 is still the best choice imo.
the most successful trojan is the one you coded by your own, because every trojan makes it into the virus definition lists pretty quick when it was released to the public....and because of the "clumsy" way RATs work they are just a thread to computer illiterates imo. rootkits are the future, RATs are like remains of the past...

Losing_grip · Post by **Losing_grip** » 27 Jul 2007, 22:13

Direct Connection Trojans are old , try reverse connection trojan such as Poison Ivy 2.3

bubzuru · Post by **bubzuru** » 28 Jul 2007, 00:31

or beast

or you could just get metasploit and bind a shell i bet his box is not patched

mystikblaze · Post by **mystikblaze** » 28 Jul 2007, 19:52

p99 · Post by **p99** » 28 Jul 2007, 19:55

Oh your my new best friend! I totally agree with that statement. You will know more about programming, You will know EXACTLY what it does (some trojans tend to have shit put in to fuck with the user as well as the victim.

And Bypassing things isn't that hard. Install all kinds of av and build your virus from 0 ground. You can then find out what is detected by standard av and find ways to bypass or trick the AV/firewall.