Wednesday, June 21, 2006

All About Trojan

Trojan horse is a destructive program that masquerades as a benign application. Unlike a viruses, Trojan horses do not replicate themselves but they can be just as destructive. One of the most insidious types of Trojan horse is a program that claims to rid your computer of viruses but instead introduces viruses onto your computer (are programs that appear to have one function but actually perform another function.

Most trojans are in form of client/server. That means that a trojan has two programs. The one is the client (which the attacker will use) and the server (which the victim will run). In order for a trojan to work, requires "handshake" between client and server. Commands are send from and to the client from the server. The server listens on a specific port (or more than one) and waits for connection request.
______________<<____________
| |
|--- CLIENT ---| < handshake > |--- SERVER ---|
|____________>>______________|

To connect a client to a server, we must get the ip (read our Tutorial about "Ip & ports" to learn howto). When connected, the attacker perform various commands using the client.

NOTE: The victim must run the server app on his/her PC in order to connect to the remote PC.

NOTE: If the victim run the server and the attacker cant connect to the server, that usually means that victim has a firewall or a router (or an antivirus which detected the server and deleted it). This is easily bypassed by using a binder and an AV/Firewall killer.

3 Comments:

Blogger your said...

phentermine nice :)

8:46 PM  
Blogger Sandra White said...

phentermine - health insurance - debt consolidation - home equity loans Nice comment.. I ll come back for sure :]

2:56 PM  
Blogger Sandra White said...

phentermine - health insurance - debt consolidation - home equity loans Nice comment.. I ll come back for sure :]

5:09 AM  

Post a Comment

<< Home