Penetration Testing mailing list archives

Re: [PEN-TEST] penetrating trojan

From: Can Erkin Acar <canacar () EEE METU EDU TR>
Date: Thu, 7 Dec 2000 11:30:18 +0200


On 6 Dec 2000, at 9:04, Joakim Sandström wrote:

Ok I know this is a bit evil BUT:

I once wrote a small piece of software (Win32) that after planted made
system tests like ->


[snip]

These are just examples of what could be done by this.. but my main question
is -> Any tool out there
capable of doing this sort of thingies?  I'd be interrested in knowing what
effective methods has been
used to infect other computers after gaining access to a domain on some
level..


there is the Hybris virus out there that behaves similarly.
The virus consists of 'plugins'  that it posts encrypted to
alt.comp.virus newsgroup after infecting a computer.
The virus also checks plugin versions and downloads newer
versions from the newsgroup. Thus upgrading itself,
and possibly adding new functionality.
This is not a trojan by default but ...

Can

Current thread:

Re: [PEN-TEST] penetrating trojan, (continued)
- - Re: [PEN-TEST] penetrating trojan Simon Waters (Dec 06)
    - Re: [PEN-TEST] OT: Lotus Notes name service (was: penetrating trojan) Michael Rowe (Dec 06)
    - Re: [PEN-TEST] OT: Lotus Notes name service (was: penetratingtrojan) Simon Waters (Dec 07)
- Re: [PEN-TEST] penetrating trojan Panagiotis Dimitriou (Dec 06)
  - Re: [PEN-TEST] penetrating trojan Sven Bruelisauer (Dec 07)
    - Re: [PEN-TEST] penetrating trojan Guy Cohen (Dec 07)
    - Re: [PEN-TEST] penetrating trojan C.E.Steiner (Dec 10)
- Re: [PEN-TEST] penetrating trojan Joakim Sandström (Dec 07)
  - Re: [PEN-TEST] penetrating trojan David Knaack (Dec 07)
    - Re: [PEN-TEST] penetrating trojan Robert van der Meulen (Dec 07)
  - Re: [PEN-TEST] penetrating trojan Can Erkin Acar (Dec 10)
- Re: [PEN-TEST] penetrating trojan Panagiotis Dimitriou (Dec 10)