ProRat
To show you an example of a malicious program, I will use a well known Windows Trojan, ProRat.
1.DOWLOAD ProRat. Once it is downloaded right click on the folder and choose to extract it. A password prompt will come up. The password will be "pro".
2. Open up the program. You should see the following:
1.DOWLOAD ProRat. Once it is downloaded right click on the folder and choose to extract it. A password prompt will come up. The password will be "pro".
2. Open up the program. You should see the following:
3. Next we will create the actual Trojan file. Click onCreate and choose Create ProRat Server.
4.
Next put in your IP address so the server could connect to you. If you
don’t know your IP address click on the little arrow to have it filled
in for you automatically. Next put in your e-mail so that when and if a
victim gets infected it will send you a message. We will not be using
the rest of the options.
5. Click on the General Settings button
to continue. Here we will choose the server port the program will
connect through, the password you will be asked to enter when the victim
is infected and you wish to connect with them, and the victim name. As
you can see ProRat has the ability to disable the windows firewall and
hide itself from being displayed in the task manager.
6. Click on the Bind with File button
to continue. Here you will have the option to bind the trojan server
file with another file. Remember a trojan can only be executed if a
human runs it. So by binding it with a legitimate file like a text
document or a game, the chances of someone clicking it go up. Check the
bind option and select a file to bind it to. In the example I will use
an ordinary text document.
7. Click on the Server Extensions button
to continue. Here you choose what kind of server file to generate. I
will stick with the default because it has icon support, but exe’s looks
suspicious so it would be smart to change it.
8.
Click on Server Icon to continue. Here you will choose an icon for your
server file to have. The icons help mask what the file actually is. For
my example I will choose the regular text document icon since my file
is a text document.
9. Finally click on Create Server to, you guessed it, create the server file. Below is what my server file looks like.
10.
A hacker would probably rename it to something like "Funny Joke" and
send it as an attachment to some people. A hacker could also put it up
as a torrent pretending it is something else, like the latest game that
just came out so he could get people to download it.
11. Now, I will show you what happens when a victim installs the server onto his computer and what the hacker could do next.
12. I’m going to run the server on my own computer to show you what would happen. Once I run it the trojan will be installed onto my computer in the background. The hacker would then get a message telling him that I was infected. He would then connect to my computer by typing in my IP address, port and clicking Connect. He will be asked for the password that he made when he created the server. Once he types it in, he will be connected to my computer and have full control over it.
11. Now, I will show you what happens when a victim installs the server onto his computer and what the hacker could do next.
12. I’m going to run the server on my own computer to show you what would happen. Once I run it the trojan will be installed onto my computer in the background. The hacker would then get a message telling him that I was infected. He would then connect to my computer by typing in my IP address, port and clicking Connect. He will be asked for the password that he made when he created the server. Once he types it in, he will be connected to my computer and have full control over it.
13.
Now the hacker has a lot of options to choose from as you can see on
the right. He has access to all my computer files, he can shut down my
pc, get all the saved passwords off my computer, send a message to my
computer, format my whole hard drive, take a screen shot of my computer,
and so much more. Below I’ll show you a few examples.
14. The image below shows the message I would get on my screen if the hacker chose to message me.
15. Below is an image of my task bar after the hacker clicks on Hide Start Button.
As you saw in the above example, a hacker can do a lot of silly things or a lot of damage to the victim. ProRat is a very well known trojan so if the victim has an anti-virus program installed he most likely won’t get infected. Many skilled hackers can program their own viruses and Trojans that can easily bypass anti-virus programs.
As you saw in the above example, a hacker can do a lot of silly things or a lot of damage to the victim. ProRat is a very well known trojan so if the victim has an anti-virus program installed he most likely won’t get infected. Many skilled hackers can program their own viruses and Trojans that can easily bypass anti-virus programs.
No comments:
Post a Comment