trojan/virus questions
How would a trojan work? Let's say I include an autorun and the Aladino trojan on a disk. Unsuspecting prey runs the CD and BAM, installed on the computer. Well, the Aladino trojan allows remote connect through port 5050. But how do I connect to the computer? Telnet? And if so, that means I have to have the IP, right? Is there some way to have it 'call' me and let me know the victim's IP?
The trojan works because it initiates the connection from the inside of the network (phone home). This saves you all the trouble of trying to get a login to the network. Firewalls are meant to keep stuff from coming IN, but not really going out. You are better off trying to hide it in HTTP or SSL traffic; it will fit the normal kind of traffic.
Without looking at how Aladino works, you could use telnet. Some trojans have their own consoles to work; you'll have to RTFM on whatever you choose.
/www.viruslist.com/en/viruse/
DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
- bozotheclown138
Well, maybe a bit off topic, but a more effective way of infecting people (I won't go into detail because I don't think explaining how to spread is allowed here): using torrents is probably the most effective way. Also, that trojan is rather outdated. Most of the better ones use reverse connection so that you don't need to know the IP; the other computers will automatically connect to you, notifying you on the client program. If you want a good RAT, I'd recommend Cerberus 1.02; it's my favorite, followed by Bifrost, and then Poison Ivy. But in case you don't know, don't use Spynet; all versions are backdoored.