Friday, July 24, 2009

How to Make a Trojan Horse

How to Make a Trojan

Most of you may be curious to know about how to make a Trojan or Virus on your own. Here is an answer for your curiosity. In this post I’ll show you how to make a simple Trojan on your own using C programming language. This Trojan when executed will eat up the hard disk space on the root drive (The drive on which Windows is installed, usually C: Drive) of the computer on which it is run. Also this Trojan works pretty quickly and is capable of eating up approximately 1 GB of hard disk space for every minute it is run. So, I’ll call this as Space Eater Trojan. Since this Trojan is written using a high level programming language it is often undetected by antivirus. The source code for this Trojan is available for download at the end of this post. Let’s see how this Trojan works…

Before I move to explain the features of this Trojan you need to know what exactly is a Trojan horse and how it works. As most of us think a Trojan or a Trojan horse is not a virus. In simple words a Trojan horse is a program that appears to perform a desirable function but in fact performs undisclosed malicious functions that allow unauthorized access to the host machine or create a damage to the computer.

Now lets move to the working of our Trojan

The Trojan horse which I have made appears itself as an antivirus program that scans the computer and removes the threats. But in reality it does nothing but occupy the hard disk space on the root drive by just filling it up with a huge junk file. The rate at which it fills up the hard disk space it too high. As a result the the disk gets filled up to 100% with in minutes of running this Trojan. Once the disk space is full, the Trojan reports that the scan is complete. The victim will not be able to clean up the hard disk space using any cleanup program. This is because the Trojan intelligently creates a huge file in the WindowsSystem32 folder with the .dll extension. Since the junk file has the .dll extention it is often ignored by disk cleanup softwares. So for the victim, there is now way to recover the hard disk space unless reformatting his drive.

The algorithm of the Trojan is as follows

1. Search for the root drive

2. Navigate to WindowsSystem32 on the root drive

3. Create the file named “spceshot.dll

4. Start dumping the junk data onto the above file and keep increasing it’s size until the drive is full

5. Once the drive is full, stop the process.

You can download the Trojan source code HERE. Please note that I have not included the executabe for security reasons. You need to compile it to obtain the executable.

Hacking Yahoo Messenger

This tutorial will tell you how to hack yahoo messenger while you are engaged in chatting with some person.While you are chatting through yahoo messenger, Yahoo will hide the IP addresses of all the computers that are connected through the yahoo messenger application to the chat room.So it is not possible to directly find out the IP of the person you want to hack.Then how to get the IP address? Yes it is still possible to hack the IP address during the Yahoo messenger chat.The procedure to Hack Yahoo messenger is discussed in detail below.

While you are chatting via yahoo messenger the communication between you and the person you want to hack, takes place indirectly via Yahoo server and not directly.It is not possible to hack Yahoo messenger directly to get the IP address.So to hack his IP, you must establish a direct communication with him.So,how to do this? It’s easy.Just start chatting with some one via Yahoo messenger.During the process of chatting send him a big file.Now the file transfer takes place directly between your computer and the victim’s computer(via yahoo messenger application).So now, you are ready to go. Here’s the step-by-step process to hack Yahoo messenger and get the IP address of the person .

  • Goto the COMMAND PROMPT (START>>>RUN>>>Type CMD).
  • Here Type “netstat -n” (without quotes).

NOTE: If you are new to “netstat” and other IP related commands refer this tutorial:Windows XP IP Utilities

  • The pic given below shows netstat results of my computer.I was not chatting when i took this pic and hence it looks modified.

  • Here local address is your own IP and the foreign address is the IP address of the recipient with whom you are connected via yahoo messenger (There may be multiple recipients and hence multiple foreign addresses).
  • Now send him the file.
  • Check the output by typing the command “netstat -n” (without quotes).
  • Assume the output is something like this.

TCP 127.0.0.10:5101 124.55.23.11:1246 ESTABLISHED

Here 124.55.23.11 is the IP address of the person with whom you are chatting and 1246 is the port number where connection is established.That’s It! You have now hacked Yahoo messenger to get his IP address.

Once you hack Yahoo messenger and get his IP address you can use any of the Remote Administration tools or perform NETBIOS HACKING.Refer this tutorial on Netbios Hacking.

NOTE: Some times there are chances where in the file transfer gets encrypted (takes place via yahoo server itself).So in this case the above hack may fail to work.