Written by Voxelite
I was thinking about trojans on the other day, I realized that most people do not know how they work, or even how to use them. So I decided to make this quick intro.
Trojans work by using a client-server structure. This structure has two components, yes, you guessed it, they're called the client and the server. the client is usually the one that works as a control panel for your victims. The server is the little .exe file that you try to get people to download and execute. Back in the day, trojans were pretty simple. Someone downloaded the server, and you connected to their computer via the client. Then you messed around, keylogged them, made them into a proxy, etc. This method worked because back then, most people did not have routers, and did not have firewalls. These days, practically everyone has both. This really upset the trojan people, because routers can screw up communication between the client and server, and firewalls will reject any incoming connections. Because of this, you couldn't connect to your victims! All hope was lost, or so it seemed...
One day, some bright programmer came up with the idea of having the victim connect to you! This solved all of the problems (except hte routers, which I'll get to in a second), and made it easier to see how many people you had infected. This method has a name. It's called reverse-connect. Reverse connect makes your computer act like a hub, and all the victims send a connection out from their computers, and to yours. You can't just automatically get a trojan and start going though. That's because of hte routers, and how networks and IP's usually work these days. Routers often have a firewall inside them, and will also turn away any incoming connections. That's why you have to open a port on the router, to let the connection through. But it doesn't end there. You also have to have a static LAN IP. These days, LAN's work via DHCP. DHCP makes it so there's a pool of LAN IP addresses, and whenever your computer comes on, it just grabs a random address and starts going. This is a problem, because you may shut down, and then the previously working connection has no idea where to go! It gets lost, and your hard-earned victims are lost too. Therefore, you have to configure your router so that it reserves one LAN IP address just for you, whether your computer is off or on. This is called a static IP, btw. But we're not done yet, because the same dynamic IP problem applies to your WAN IP! It changes sometimes monthly, weekly, or even daily! Then your bots would be truly lost... But there is a way to fix this! It's called No-IP. No-IP is a type of service (almost always free, and there's many providers) that lets you register a domain name that you tell victims to connect to when you build the server. the victims connect to the domain name, and No-IP forwards that connection to your current WAN IP. You use software that comes with the No-IP account to constantly update your WAN IP. So everything works fine.
There are a few problems with trojans though. First of all, you're hosting the victims off your own computer and your own connection, which can get you easily screwed, and second of all, most No-IP type services have caught onto this practice, and disable your account the moment they see trojan-like connections. I used to use trojans a long time ago, and back then we were always on the hunt for No-IP sites that didn't disable your account. I looked into some of my old files, and found two sites that are worth mentioning:
Code: Select All
opendns.be
yi.org
0 comments:
Post a Comment