Latest News

Trojans and RATs- Know The Facts


What are TROJANS?

A Trojan is a program that pretends to be legitimate program, while It is malicious in nature and is infecting the system in background. It  provides complete access of that system to the Attacker.

How Trojans work?

Trojans work on client server basis.  The client will reside on hacker’s system and the server will be on victim’s computer. When the victim clicks the server, client listens to the connections through the specified ports and gives the access to the victim’s system.

Ports

Ports are the end points that provide communication between computers or networking devices.

Physical ports- example usb ports,serial port etc

Virtual portsVirtual ports provide a virtual connection between the computer systems. These ports are the ones we need for communication on internet. Different Trojans use different ports.  These are referenced using some numbers. There are  65535 ports.

Direct connection Trojans

If the Trojan is direct connecting Trojan then attacker can connect to the victim directly and can get access to the victim machine, but the scenario is not always that easy. Victim can be behind a router, in that case direct connection Trojans will not any provide any access to the victim computer. One more disadvantage is we need to know the IP address of the victim.

HACKER-->server-->VICTIM
Example: PRORAT

Reverse connection Trojans

When the  Victim is behind a router, direct connection Trojans will not  provide any access to the victim computer. Here comes the need of reverse connection Trojans. In this case, the victim will be connected to the hacker using the server file. This is Very useful if the person sits behind a router . After infecting the victims PC, the trojan will automaticly connects to the hacker.

HACKER<--Server<--VICTIM
Example: Darkcomet

Port forwarding

If the hacker does not connect to the Internet directly (with a modem) and he sits behind a router, he needs to forward the trojan ports in his routers configuration if he is doing a reverse connection. This is called portforwarding.  The basic idea of port forwarding is to instruct our router to allow external connections to our PC. It varies from router to router based on its company and version.

Dynamic IP address

Most of the computers today do not have a static IP address, So  using a service like no-ip which gives you a name like hacker.no-ip.org  which can be pinged from anywhere on the internet and it will give your current IP address. Set your reverse connection trojans to connect to this name.

No comments:

Post a Comment

Contact Us

24x7 online , we happy to answer you
tamilcypc@gmail.com , ,manoj960000@gmial.com.
skype: greeenchip

Disclaimer

This Blog and its TUT's are intended for educational purposes only, no-one involved in the creation of this TuT may be held responsible for any illegal acts brought about by this Blog or TuT.



Featured Post

Custom Domains And HTTPS Redirection Code