trojan/virus questions

Kirk · Post by **Kirk** » 16 Aug 2009, 14:52

How would a trojan work? Let say I include an autorun and the Aladino trojan on a disk. Unsuspecting prey runs the CD and BAM, installed on the computer. Well, the Aladino trojan allows remote connect through port 5050. But how do I connect to the computer? Telnet? And if so that means I have to have the IP, right? Is there some way to have it 'call' me and let me know the victims IP?

Post by **DNR** » 16 Aug 2009, 18:19

The trojan works because it initates the connection from the inside of the network (phone home) This saves you all the trouble of trying to get a login to the network. Firewalls are meant to keep stuff from coming IN, but not really going out. You are better off trying to hide it in HTTP or SSL traffic, it will fit the normal kind of traffic.
Without looking at how aladino works, you could use telnet, some trojans have their own consoles to work, you'll have to RTFM on what ever you chose.

/www.viruslist.com/en/viruse/

DNR

bozotheclown138 · Post by **bozotheclown138** » 17 Aug 2009, 13:19

Well maybe a bit off topic but a more effective way of infecting people (i wont go into detail because i dont think explaining how to spread is allowed here) but using torrents is probably the most effective way, also that trojan is rather outdated. Most of the better ones use reverse connection so that you dont need to know the ip the other computers will automatically connect to you notifying you on the client program. If you want a good RAT i'd recommend Cerberus 1.02 its my favorite, followed by Bifrost, and then Poison Ivy. But in case you dont know dont use Spynet all versions are backdoored.

Kirk · Post by **Kirk** » 17 Aug 2009, 16:07

I appreciate the info. Bozo, however I dont do this to random people. I feel that is not right. IF I were ever to implement anything I learn it will be on a specific target, not random innocents.

Again thank you for the info. I'm going to look into those virus'.