can anyone tell me any good use (ethical) of a virus or torjans??
there must be some, as everything has some good sides...
think over it!!
Riya :cool:
Printable View
can anyone tell me any good use (ethical) of a virus or torjans??
there must be some, as everything has some good sides...
think over it!!
Riya :cool:
Not really.
Some viruses have been designed to "clean" other specific viruses off machines they infect. The main problem is, although they have no deliberately malicious payload, these viruses can still break your machine by accident.
The so-called "Remote access trojans" - programs which invisibly provide remote access to a machine (sometimes while pretending to do something else) have no real legitimate purpose, as there are plenty of legitimate remote access programs which are not technically trojans.
However, it is a fine line, things like VNC, which is used quite legitimately by many people for remote admin and other purposes, can be re-purposed as a RaT, or used as a component by remote access trojans.
I guess the problem for AV companies is: where does a legitimate remote access tool begin and a remote access trojan end?
You have to ask the question:
- What was the author's original intentional use for the program?
If it was good, it counts as a remote access tool, if it was bad, it counts as a remote access trojan.
In principle, either may be used as either, but I can't see many sysadmins using (the likes of) BackOrrifice as a legit tool. The program is advertised as being useful for gaining unauthorised remote access, therefore, there's no guarantee that it ONLY grants this access to the user (i.e. backdoors in the backdoor seem quite likely to me )
Slarty
Hello Riya
Sit back and relax with a nice cup of tea whilst "uncle nihil" (or is it Remus) tells you some tales from his dark past :D
A few years ago (quite a few) we were running Windows 3.11 for Workgroups, Office 4.3 and a Novell network. We had four Head Offices and were merging them all into a single huge one on a different site.
One of my colleagues had a problem as he required that a certain progress report form that he sent to all the HOs and connected peripheral sites (17 of them). He created the form in MS Word, form protected it, and sent it out as a .dot (template) document. For some reason when the form came back, it had lost its form characteristics, and become a simple document (.doc) This made it difficult for Al to complete his parts of the form as the tab from field to field facility had been lost.
I used a modified version of the MS Word proof of concept virus, and modified the macro detection program (I had dissected that and the "your code goes here" promps gave me the idea)
It worked just fine and Al was a very happy guy :cool:
I have also used "stolen" virus code to make registry changes and distribute code to remote sites when that was the best solution. To do it "properly" would have required desktop visits, 54Mb e-mail attachments and would have taken far too long. I did not have time to code it, so I stole (mea culpa, mea culpa). The modified "virus" code worked, and I was saved.
A number of Admins who contribute here will write stuff that works just like a virus, to do admin tasks like this. I actually used modified live virus code, which I think proves the similarity beyond doubt?
The moral is that it is the intent and effect of the code that makes it malware, not the code itself, and its functionality.
Trojans are similar?..........not much difference between remote support software and a RAT/trojan is there.........other than that remote control is being handed over knowingly, and for good reasons.
Hope this helps.............interesting topic BTW
Cheers
"Remus" :D
Isn't PC-Anywhere considered a good trojan? :). I could be wayyyyy off lol.
A good trojan? PC-anywhere isn't a trojan, it's not run unnoticed.
Actually things like Netbus, Sub7 etc. are just simple forms of PC-anywhere alike software, they only don't show up in the Task List (mostly).
And a trojan doesn't necessarily has to be a backdoor, any software that does something else than it claims to do can be considered a trojan.
el-half,
I would say that is the correct definition.Quote:
And a trojan doesn't necessarily has to be a backdoor, any software that does something else than it claims to do can be considered a trojan .
So all Windows Operating Systems are "trojans"? :D
You just reminded me of a rather amusing piece "Is Windows a virus".........I must dig it out and post it in Tech Humour
Cheers
do we need access to the other PC (remote access) if we want to access the PC having trojan?
? I'm a bit confused about what you're saying here?
A Trojan which is a backdoor (like sub7, Netbus,...) has a client part and a server part, you put the server part on the computer you want control of and run the client part yourself.
Hmm, I thought it was considered a 'BAD' remote access program -Quote:
Isn't PC-Anywhere considered a good trojan?
But a 'trojan' seems to almost fit it better.
It sits and runs on your computer, making you think you have a secure way to remote administer the system when in actuallity it is opening a large door that can easily be used by others for malicous behaviour that it doesn't claim to allow.
I think you're onto something there Cybr1d...
RRP
Actually, at my last job, we had a few users that we suspected of doing things that they were not supposed to do on their machines. Well, I could have set up a sniffer to watch those machines, but if the data was going in and out of the building on a floppy disk, it wouldn't have shown up on the sniffer. I could have installed VNC, but that would have made it pretty obvious that the computer had changed. What we eneded up doing was using (god I hate to admit this) sub7 to monitor their computer remotely. Only had it installed for 3 days. But it did its job.
BTW... they were not doing what was expected, but we did find 2 file sharing programs and a crap load of porn...
The good thing of viruses and trojans is that they expose the flaws in the OS.
which force the programers to think for a solution.
if i am not wrong...nachi tried to b good worm (errrrrr u were asking just abt viruses trojans...but i suppose this can b added ;)) it deleted msblastter n applied the patch on infected systems...
i hope i am not wrong...
ya u r right... i was just thinking over the way trojans work??
Quote:
Originally posted here by el-half
? I'm a bit confused about what you're saying here?
A Trojan which is a backdoor (like sub7, Netbus,...) has a client part and a server part, you put the server part on the computer you want control of and run the client part yourself.
Hey you guys!
I am new to this site!
so far it is pretty cool,
so I was just wondering if you guys had trojan or spy software you could give me,
or you could put up a hyper link or something
if you could that would be great!
I am looking for a Trojan with remote and backdoor and a key stroke recorder
possibly the Trojan M2 or something like that!
if you could that would be great,
Thanx!
(suggestion) Security Downloads at www.antionline.com and
Google.com
http://www.google.com/search?hl=en&l...acker+exploits
Wow did 89mokeys just interrupt a legit thread to ask us to give him a scriptkiddie tool.
What a tool!!!! This is not a hacker site. If you want to learn how to protect a computer from Trojans and virus (not sure of the plural) then read everything you can find on this site. If you want to be a 133t h@x04 then make a request like your last one in the middle of a thread and see how long it takes to get banned.
Well before the thread is closed...Quote:
The best way to fully answer that question would be for you to get a compiler, play with sockets, make your own server/client software.
Client connects to the service and sends commands. The server listens for these requests then does whatever task it was programed to do. This is all hand in hand with TCP/IP 101.
BTW 89monkeys, there are plenty of trojans that will do everything you asked for and more. By simply downloading them and playing around with stuff you will learn nothing from it unless its open source. But when stuff like what you just posted pops up it clearly shows that your not exactly the type of guy who can do even do simple tasks such as makeing hello world appear on a screen.