Trojan Horse (Basics) - Part 1

Have you watched movie Troy ? okay lets leave . Have your wallpaper ever changed automatically ? Have the programs ever started without your initiation ? Have the browser opened unexpected websites automatically ? Simply have you ever felt that someone else is controlling your computer ? NO ?
Congrats, you probably haven't been a victim of trojan yet :).

A trojan horse is a remote administration tool(RAT). This is some thing extremely dangerous.  A trojan gives the full control of victim's PC to the attacker. 
 A trojan has two parts . One is client part (Control Panel) and other is server part (meant to be sent to victim).

The basic methodology of using a trojan is as follows:-

1. Attacker creates an executable file of size in kbs. This  is  server part of trojan and mostly called as server.exe

2.Attacker might hide this server.exe behind any genuine file like a song or image. Attacker gives this file to victim and victim is supposed to double click on it.

3.As victim run that server part , a port on victim's computer gets opened and attacker can control his PC sitting remotely in any part of the world through the control panel(client part). Attacker can do anything with victim's computer remotely that victim himself can do on his computer.

Note: Now I am assuming that you know a little bit about IP addresses that is lan/internal/private and wan/external/public IP.
Two different methods of working of Trojan.

1. Direct Connection : In this method, after the server part has been installed on victim's machine, the attacker enters the public IP address assigned to victim's computer for making a connection to it. But limitations of direct connection is that public IP address is most probably dynamic and gets changed everytime one disconnects and reconnects. So attacker needs to find out IP address of victim each time.Moreover the incoming connection like this is usually restricted by firewall.
The main limitation of direct connection is that you can not access the victim who is behind a router or a network beacuse victim's machine is not assigned public/external/wan IP. It is only assigned private/internal/lan IP which is useless or meaningless for computers outside that network.The wan IP belongs to his router.

It doesnt matter how attacker is connected to internet. Attacker can be connected to internet any of three means.




Victim is behind a router in this case. (havent inserted the picture of victim behind a network, imagine that )
2. Reverse Connection: In this method, attacker enters his own IP address in server part while configuring it .So when the server part is installed on victim's computer, it automatically makes connection with client part that is attacker. Also the firewall in victim's machine would not restrict to outgoing connections. Problem in this case is same that attacker's IP is also dynamic. But this can be over come easily. Attacker actually enters a domain name in server part which always points to his dynamic IP.

Reverse connection can bypass a router or a network.


You might be confused at this point. Kindly mention your queries/doubts in comments.

Popular posts from this blog

Meditations on Relevance, Part 2: Content vs. Form

Image
In pop culture-land, relevance is all about now. Who's hot. What's trending. If people on the street are talking about X, the museum should be talking about X too. This is the least useful form of relevance for the arts. "Now" is not an easy business model to chase--especially for institutions rooted in permanence. "Now" requires major changes to how we work and what we offer. "Now" comes off as disingenuous and irrelevant if done wrong. And now is not tomorrow. It is not the long term. It is just now. Endlessly, persistently, expensively, now. I used to work at The Tech Museum of Innovation in San Jose, CA. Our mandate was to be the museum of Silicon Valley--not of its material history, but its pulse of innovation. This was impossible. The exhibits we put on the floor were immediately dated. Their physicality, long timelines, and big budgets made them immutable objects. They didn't speak to the thrilling drumbeat of change at the heart of inno...
Read more

videos about world information

Image
Search Results Access to Information - World Bank Group https://www.worldbank.org › access-to-information ▶ 0:53 Jul 7, 2015 - Uploaded by World Bank Latest news and  information  from the  World  Bank and its development work on Health. Access facts ... World Oceans Day 8 June - the United Nations https://www.un.org › events › oceansday ▶ 3:50 Jun 5, 2010 - Uploaded by UNESCO Finalist of the  World  Oceans Day Photo Competition 2017 / Dragos Dumitrescu, ... More  information  on the ... Coronavirus (COVID-19) events as they happen - World ... https://www.who.int › Emergencies › Diseases › Coronavirus disease 2019 ▶ 1:00 2 days ago - Uploaded by World Health Organization (WHO) With a  global  shortage of supplies and equipment to fight the ... will receive notifications with the latest news ... World Environment Day 5 June - the United Nations h...
Read more

How to Crack a Wpa2-Psk Password with Windows

It,s very common question on the internet to How to hack a Facebook account password and how to hack a WiFi password. Even if you search on YouTube you will find a lots of tutorial to How to hack a WiFi password using backtrack. However, backtrack OS is not most handy OS for normal users. yesterday my one Facebook friend Lovito Tsuqu Kiho ask me to how to hack WiFi using commview using aircrack-ng. Today i am going to show you how to a crack a Wp2-psk password with windows machine. Software Requirement for this lab :-
Read more