Government Security
Network Security Resources

Jump to content

Undetectable Trojans


  • Please log in to reply
96 replies to this topic

#16 TECHgenius

TECHgenius

    Private First Class

  • Members
  • 51 posts

Posted 14 February 2004 - 03:11 AM

Doesn't work. Tested it on AVP. Detected as TrojanDropper.Win32.Small.cx.

#17 Guest_Bigbowser_*

Guest_Bigbowser_*
  • Guests

Posted 15 February 2004 - 03:06 PM

Most trojans use anti-anti-virus techniques, i.e optix pro and mosucker.

Dede is a delphi DE-compiler. ( which means it reverts the program back to its source code if its written in delphi )

the best way to get an undetected trojan is look for small ones that are not heard of .. there are loads about..
just when you find one don't tell everyone :P :blink:

#18 edjorge

edjorge

    Private First Class

  • Members
  • 28 posts

Posted 16 February 2004 - 03:53 AM

The best way to get an undetected trojan is look for small ones that are not heard of there are loads about
just when you find one don't tell everyone

Yeah, i've made a undetectble server. B) I wont share but i can tell how i made it... :P

#19 forza

forza

    Private First Class

  • Members
  • 88 posts

Posted 16 February 2004 - 04:21 AM

how did you make it :rolleyes:

#20 zero-maitimax

zero-maitimax

    Staff Sergeant

  • Members
  • 309 posts

Posted 16 February 2004 - 06:27 AM

how did you make it :rolleyes:

add byt's and pack it with upx

#21 edjorge

edjorge

    Private First Class

  • Members
  • 28 posts

Posted 16 February 2004 - 06:33 AM

how did you make it :rolleyes:

Hex Editor B)
Download the last trial version, and edit your server... If you have a packed server it will take more time to find the Bit who's causing problem with AV.
When u r editing the server replace the blocks(or signatures) with "0000", and test with your Av untill you find the bad one :P
Than u just have to memorise and open the file again and replace the signature...

#22 TECHgenius

TECHgenius

    Private First Class

  • Members
  • 51 posts

Posted 16 February 2004 - 07:14 AM

Mine is still undetected but hasn't much features.
You can get it from http://www.vb-master.cjb.net

#23 eXist

eXist

    Specialist

  • Members
  • 110 posts

Posted 19 February 2004 - 03:13 AM

TECHgenius: Will you be releasing the sourcecode for your remote admin prog? I'm asking because I'd be interested in getting a hold of it once I have some more VB experience.

#24 crypticcodez

crypticcodez

    Private

  • Members
  • 4 posts

Posted 19 February 2004 - 04:43 AM

eXist ....you can go to planetsourcecode.com and type in trojan or somethin for the search and they will give you plenty of good source codes for some nice client/server programs (trojans...rats...w/e).....

#25 TECHgenius

TECHgenius

    Private First Class

  • Members
  • 51 posts

Posted 19 February 2004 - 06:54 AM

For the moment i'm not planning to release the source. Maybe later.

#26 eXist

eXist

    Specialist

  • Members
  • 110 posts

Posted 19 February 2004 - 09:27 PM

Cheers for the info crypticcodez, definately one to bookmark :D

#27 Flowby

Flowby

    Sergeant

  • Members
  • 205 posts

Posted 20 February 2004 - 03:24 AM

Try this binder i made undetected to all antivirus...
For 20 dolars i can make a full working rat trojan like optix with all futures....All that you want!!!And it will stay undetected for ever becouse you wuill be the only one using it ,it woud be your personal trojan or binder or downloader!!!

Or you can go here and pay 200 dollars for one he he http://www.evileyeso...ees/index.shtml

#28 Faceless Master

Faceless Master

    Staff Sergeant

  • Members
  • 259 posts

Posted 20 February 2004 - 05:39 AM

hmm...Well.
Just search for NET TRASH on google or if i remember its source was available on http://www.tlsecurity.net
Recompile the source and voila.U have a cool undected trojan.
Or
Flowby offer looks good if u dont knw programming.
~Regards
Faceless Master

Edited by Faceless Master, 20 February 2004 - 05:43 AM.


#29 Guest_D4rk_*

Guest_D4rk_*
  • Guests

Posted 21 February 2004 - 03:28 PM

Ok does anyone have a list of the process names of most widely used firewalls and AV?

P.s. - I put this here becasue the damn forum won't let me start any new threads

#30 karate

karate

    Private First Class

  • Validating
  • 38 posts

Posted 21 February 2004 - 08:36 PM

Try this binder i made undetected to all antivirus...
For 20 dolars i can make a full working rat trojan like optix with all futures....All that you want!!!And it will stay undetected for ever becouse you wuill be the only one using it ,it woud be your personal trojan or binder or downloader!!!

Or you can go here and pay 200 dollars for one he he  http://www.evileyeso...ees/index.shtml

I don't think GS is the good place to sell anything... <_<

and by the way, say something will stay undetect forever ???
me think you don't know mutch about antivirus detection.
rat "like" optix...hum, optix is almost a unique thing, i know almost all troajn around, nothing is "like" optix.
me doubt you have coded the trojan you sell, and without the sourcecode, only crappy undetection can be done. sure not forever and sure not to all avs.

"Or you can go here and pay 200 dollars for one he he [url="http://www.evileyesoftware.com/ees/index.shtml""]http://www.evileyesoftware.com/ees/index.shtml"[/url]

you say that as if your offer is really better, but s13az3, friends of mine, has the source code (cause he writed it), it's really different then hexedited version you sell.

"you wuill be the only one using it ,it woud be your personal trojan or binder or downloader!!!"

same, i can assume you made a binder (easy) and a webdownloader (easy) or get open sources ones (easy) , but without source code, a full troajn is not unique at all, even hexed, the av signature localisation is the same for all.
they change signature and GOODBY your undetection.

--
UK: french trojan reference board:
http://underk.membre...hpBB2/index.php




1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users