Thursday, January 6, 2011

What Is A Trojan - tutorial with DarkComet-RAT

What Is A Trojan?

A Trojan also known as a Remote Administration Tool, or RAT for short is a piece of software
made for monitoring a system.

Trojans are usually used for malicious purposes. Trojan coders often call there Trojans “Remote
Administration Tools” in order to try and legitimize their software. Although Trojans could be used for legitimate purposes, It is unlikely that anyone who has such a piece of software in their
possession is planning to use the software for purely legitimate purposes.

Trojans are used for things such as stealing sensitive information, stealing passwords,
unauthorized monitoring of a system, deletion of files and even watching girls through there
webcams with out permission.

Trojans normally comprise of 3 things, a Client, Build/Edit Server and Server.

Trojans that are downloaded over the Internet (I am not talking about the actual Trojan server)
normally come with a client. These Clients normally have an easy to use graphical interface, like the Trojans I have documented below.

Clients are used to connect to infected machines and send and receive information.In the case of reverse connection, the server connects to the client. 

Build/Edit Server
A Edit Server is a program used to edit the settings of a Trojan server. 

These settings include things like:

  • Notification Information (How the server sends the IP Address to the Hacker/Script Kiddie)
  • Start Up Methods (How the Trojan will run on system start up)
  • Stealth Options (Firewall Bypass etc)
  • Disabling of things like Command Prompt, Task Manager and Registry Editor.

Once the Hacker/Script Kiddie has inputted all the necessary information he/she will simply save
the settings to the server or possibly build a new server.

The server is the actual virus which the Hacker/Script Kiddie will try to infect you with.
They usually copy themselves to your Windows, System or System32 folder, they then modify
your system registry in order to make sure they are restarted on system start up.

 DarkComet-RAT (Remote Administration Tool)

DarkComet-RAT (Remote Administration Tool) is a fast/powerfull and stable remote admin tool that alloud you to control the whole remote computer , you can view the desktop / webcam / manage process / listen to the sound etc… in the same time with a realy good speed , DarkComet is work in localhost , LAN ( Local Area Network ) , and WAN ( Wide Area Network ) .
He is compatible with [Windows 2000 , Windows XP (all sp), Windows Vista (all sp) and Windows Seven] For 32(.386) and 64 bit machines.

To use it on VMWare you must choose the bridge option for network , ( NAT mode ) seems to lost some packets on transfers about 90% of the functions of DarkComet.

The Client is full Coded in Pascal/Delphi using CodeGear Delphi RAD 2010 ( UNICODE ).

The Server is coded in Pascal/Delphi ans Inline Assembler code using Delphi 2007 ( ANSI ).

Don’t forget to read disclaimer and EULA terms , when you choose to download this software you are fully responsable of the possible harmfull things you can do with it.

This software can be detect as a Virus/Backdoor/Trojan cause it alloud you to remote control a computer without any autorisation.

Video Demo:


No comments:

Post a Comment