_________ SWAT MAGAZINE ISSUE THIRTY FIVE NOVEMBER __________ / \___________________________________________/ \ / Trojans \ / By An@rki \ ----------------------------------------------------------------------- So everybody knows what a trojan if not then what are you a fucking caveman or something. Okay so the reason for this article is for all those people who know what a trojan is but don't know how to use them. All though people say they are lame i think there okay as you can obtain free 0800 internet numbers and have fun destroying a few computers with some homemade Virii/killer Batch files. What you will need:- Trojan (i recommened Sub 7 or Y3K) Senna spy tools one exe maker 2000 2.0a Microangelo 5.0 ICQ account Anom. ISP account (Not vital but better safe than sorry) All of the above are avaliable from www.Haqerz.com so nip there and download them. Unzip and store in one directory. For this tutuorial i will be using the Y3K trojan. Okay first just run server.exe then load up Y3K Rat.exe so you can have a little play with the functions. (the next part was taken from a previous swat file about trojans but that was for sub 7 so i changed it here and there to suit Y3K. If you want to look at that file it is in Swat issue 18 article 8) [ f e a t u r e s ] [grab a coffee, light a cigarette and read on] + SETUP SERVER. you can setup the server before sending it to the victim. to do that, use EditServer.exe. for example, if you set it up to your ICQ #, when the server is ran on the victim's computer, it will send you his ip number + PACK the server.exe with another EXE file. + you can change the victim's resolution. it displays a list with all the resolutions available on the victim's computer and you just pick one and hit "change it!" :) + you have the option to see all the running processess [visible or not] you can use this to see if other trojans are installed for example + print feature! allows you to specify a text to be printed on the victim's printer [along with the style and size of the text] and ASCII so you could make a little picture comes with 4 already programed. + registry editor. view/create/delete/change everything in the registry + find files feature. find any file on the hard drive. you can also use wildcards + ScrollLock, CapsLock, NumLock can be turned ON and OFF + disconnect victim. hangs up the victim's connection to the net + you can now specify the _quality_ of the preview image and screen shot image. this is useful on slow connection, the lower the quality the faster the transfer. + auto notify on the specified UIN when the server is first ran. So it goes like this: you setup the server before sending it. you specify your icq number, and a name [if you're sending the server to more than one victim, you'll know which one this is]. then, you send the server and wait. when the user clicks on it for the first time, you'll be notified the victim's ip#, port and the name you specified on icq. this'll make _a lot_ of people happy. + show image feature. it allows you to pop up an image on the victim's screen from the victim's hard drive. the image can be: JPG,BMP,GIF,ICO,WFM,EFM + continuous screen capture is finally here! oh yes! you can now see what the victim is doing on his/her desktop whithin seconds. it's just like a live video of his screen, and it does NOT interfear with any other feature. so you can actually listen for his keys, download his files, and view his desktop at the same time. :) + flip screen. that's right. you can flip the victim's screen horizontally, vertically and diagonal or both. the victim has to restart their PC before the desktop is restored. Unless you do it + hide/show the victim's desktop icons. i don't know why the hell ppl want this, but they got it. + you can set your server.exe file to act in a certain way when it's ran. for example, you can set it to display a fake error message, or just to install without any notification. + FTP server. change the victim's hard drive into a FTP server. you can access every single file, using a FTP program [like CuteFTP]. it's basically a Serv-U clone, that gives you full access to everything. While setting the FTP server, you can specify the PORT number + message manager. you can send custom messages to the victim. you can specify the type of window [error/question/information/warning] the caption of the window, the text, and even the buttons. you'll receive the button clicked by the victim + set the online notification on/off. NO more email server crap. just enter your uin and press enable. that's it. it works! + enable or disable system keys. when are disabled, the victim won't be able to press CtrlAltDel anymore. works for Alt-Tab too. + send keys. you can type your own keys, send one of the victim's windows, and send those keys to that window. useful for mirc if you wanna make the victim type "i'm gay" or something. + send messages or questions to the victim's computer with the specified message or question. you'll be noticed of the victim's answer + open the default browser at the specified address + hide or show the Start button + take a screen shot of the victim's desktop. the image will be shown and saved as desktop.jpg + disable keyboard + chat with the victim. a small ICQ-like chat window will appear on both computers. the difference is that on the victim's computer, the chat window will _always_ stay on top. while chatting, you can do a few things like: hide the victim's typing space [meaning, the small window where the victim types will dissappear] start/stop his/her PC Speaker. the victim will _not_ be able to close the chat, so if you don't close it it'll be stuck there the whole time :) + start/stop the victim's PC Speaker. [i thought it'll be nice to tell the victims about the good-old PC Speaker] + restart windows. don't abuse it though. + open/close the CD-ROM + set a password for the server. [that's if you don't want other people with Y3K using that server] + get all the active windows on the victim's computer. after that you can: - close a specified window - enable/disable a specified window [the victim will or will not be able to interact with it] - disable the close button on a specified window - hide or show a specified window + get a list of all the available drives on the victim's computer + turn monitor on/off. this only works on the monitors that _can_ be turned off programatically + show/hide the taskbar. + get more information about the victim's computer. like: windows version, user name, company name, screen resolution, etc. + change the server name. the server will save itself with the specified name + listen for all the pressed keys. you'll see all the keys pressed by the victim. useful to get passwords. + file manager. you can easily see all the files and folders on the victim's computer. when you double click on a diretory, the server will change to that directory. when you select a file, you can: - get the file's size - download it - set it as wallpaper [only if it's a JPG or BMP file] - delete it - play it on the victim's computer [only if it's a WAV file] - execute it [the program assigned to open that file will obe launched on the victim's computer] - upload things like virii or other trojans - Rename and create folders. - Make it - Edit eg autoexec.bat + reverse/restore mouse buttons. Lock mouse at position. Press buttons and move to a position + close the server on the victim's computer. [note: the server will start again next time the victim starts windows] + remove the server from the victim's computer. this completely removes the server from the memory + IP motherfukin' scanner! it ONLY scans for Y3K servers, and that's why you _don't_ need a port (it has its own method of recognizing the server). if you find an infected IP, that doesn't mean you can connect. you still need the port and the password [if set] + get passwords. you'll receive a list with all the passwords recorded on the victim's computer since startup. including ICQ,ISP's and cached + offline key logger. "get offline keys" retrieves a list of all the keys pressed since the windows startup. + Sound manager play windows sounds e.g start up, error etc..... + Evil Manager has to functions Overclock and Write Error + Rename recycle bin That is about all the features i think. If not then thats all the main ones. Okay now using it first remove the Server of your PC if you have run it. Load up Edit server and set it to what your requirements are if you getting mutiple victims i recommened you name the server and also password protect it. Now you can send it like this but this is to obvious so even the thickest lamer ain't going to fall for this so get an .exe file of some kind. Then load up senna spy tools and add the server and exe file. Make the server to copy to temp and open mode hide and do the same for the exe but make this open normally and save. The reason for using this is because Virus scanners can't detect the trojan for some unkown reason. Load up microangelo change the icon and add to zip and then send to a victim. victim scans it with virus scanner says it's clean they run now you have a server on their pc load up ICQ get there ip address enter it in Y3K rat along with password (if required) and have fun the only problem is when they scan there whole computer it will find the server in Temp and Windows folders. But then again they don't know that it is from the program that you sent them that is causing the problem so they might just run it again if they didn't delete it. So you can still get on there computer. Also if you give them a good program and they pass it on to other friends it doesn't take long before you have servers on lots of computers. E-mail - anarki4eva@another.com Web site - http://www.fortunecity.co.uk/underworld/rpg/494/ (currnetly under construction)