What is Trojan horse

What is Trojan Horse

 Working of Trojan Horse

 Types of Trojan Horse

 How They Introduced

 Tini Trojan

Classic Netbus

Beast RAT 2.07

*What is Trojan horse

    Trojan horse, or Trojan, is software that appears to perform a desirable function for the user prior to run or install, but (perhaps in addition to the expected function) steals information or harms the system.

*Working of Trojan

Attacker gets access to the infected(server) system as the system goes online.

Through the access given by the Trojan, an attacker can stage attacks of  different types.

*Types of Trojan Horse

1.Password Sending/ capturing

2.FTP Trojans

3.Key stroke captures

4.Denial Of Service (DoS)

5.Remote Access

6.Software Detection Killers

*How they introduced

1.Chat Clients ( Yahoo, Gtalk, IRC)

2. Email Attachments

3. Physical Access to the System

4. P2P (Torrent) and Freeware Sites

5. Wrappers

6. File Sharing

*Tini

Tini Trojan found at

 http://ntsecurity.nu/toolbox/tini

The Small 3kb size of this file left a small signature , hence the name Tini.

It only listen on port 7777 and returns a command prompt shell to the attacker. The static use of this port made easy to detect.

From a Tini client you can telnet to Tini server at port 7777 .

*Net bus

Netbus is a software program for remotely controlling a Microsoft Windows computer system over a network. It was created in 1998 and has been very controversial for its potential of being used as a backdoor.

*Beast Final V.2.7

Beast is a Windows-based backdoor Trojan horse more commonly known in the underground "script- kiddie" community as a RAT (Remote Administration Tool). It is capable of infecting almost all Windows versions i.e. 95 through XP. Written in Delphi and released first by its author Tataye in 2002, it became quite popular due to its unique features.