WHAT IS A TROJAN HORSE?

A program that appears desirable but actually contains something harmful is called as Trojans. The contents of a Trojan can be a virus or a worm.

A program that comes in secretly and quietly, but it carries a destructive payload. Once you become infected by the worm or virus that the Trojan carries into your computer, it can be very difficult to repair the damage. Trojans often carry programs that allow someone else to have total and complete access to your computer. Trojans usually come attached to another file, such as an .avi, or .exe, or even a .jpg. Many people do not see full file extensions, so what may appear as games.zip in reality could be games.zip.exe. Once the person opens up this file, the Trojan goes to work, many times destroying the computer’s functionality.

Your best line of defense is to NEVER accept files from someone you don’t know, and if you have any doubts, then do NOT open the file. Get and use a virus detection program, such as Inoculate and keep it updated regularly.

A Trojan (also called a Trojan horse) is a software program in which harmful or malicious code is contained within another (seemingly harmless) program. When this program executes, the Trojan performs a specific set of actions, usually working toward the goal of allowing itself to persist on the target system. Trojans can allow hackers to open backdoors on your system, giving them access to your files and even network connectivity.

TYPES OF TROJANS

1. Remote Access Trojans

These Trojans are the most popular Trojans now. Everyone wants to have such Trojan because can have access to their victim’s hard drive. The RAT’S (remote access Trojans) are very simple to use. Just make someone run the server and you get the victim’s IP and you have FULL access to his or her computer. They you can almost everything .It depends of the Trojan you use.

But the RAT’S have the common remote access Trojan functions like: key logger, upload and download function, make a screenshot and so on. Some people use the Trojans for malicious purposes. All these sick minds want to do is crash the hard disk. 

There are many programs out there that detect the most common Trojans, but new Trojans are coming every day and these programs are not the maximum defense. The Trojans mostly have the same options. These Trojan restart every time Windows is loaded. That means it has got in the registry or in win.ini or in other system file so the Trojan can restart.

Also the Trojans create some file in the WINDOWS\SYSTEM directory. The file is always looking to be something that the victim will think is a normal WINDOWS executable. Most Trojans hide from the Alt+Ctrl+Del menu. This is not good because there are people who use only this way to see which process are running. There are programs that will tell you exactly the process and the file from where it comes. Yeah but some Trojans as I told you use fake names and it’s a little hard for some people to understand which process should they kill.

The remote access Trojans opens a port on your computer letting everyone to connect. Some Trojans has options like change the port and put a password so only the Hacker that infect you will be able to use the computer. The changed port option is very good because I’m sure you don’t want your victim to see that port 31337 is open on their computer. Remote access Trojans are appearing every day and they will continue to appear.

For those that use such Trojans: BE CAREFULL you can infect yourself and they the victim you want destroyed will revenge and you’ll be sorry. If you don’t know anything about Trojans DON’T USE THEM.

2. Password Sending Trojans

The purpose of these Trojans is to rip all cached passwords and send them to specified e-mail without letting the victim about the e-mail. Most of these Trojans don’t restart every time Windows is loaded and most of them use port 25 to send the e-mail. There are such Trojans that e-mail other information too like ICQ number computer info and so on.  These Trojans are dangerous if you have any passwords cached anywhere on your computer.

3. Key loggers

These Trojans are very simple. The only one thing they do is to log the keys that the victim is pressing and then check for passwords in the log file. In the most cases these Trojans restart every time Windows is loaded. They have options like online and offline recording. In the online recording they know that the victim is online and they record everything. But in the offline recording everything written after Windows start is recorded and saved on the victim’s disk waiting for to be transferred.

4. DestructivE trojans

The only one function of these Trojans is to destroy and delete files. This makes them very simple and easy to use. They can automatically delete all your .dll or .ini or .exe files on your computer. These are very dangerous Trojans and once you’re infected be sure if you don’t disinfect your computer information will no longer exist.

5. FTP Trojans

These Trojans open port 21 on your computer letting everyone that has a FTP client to connect to your computer without password and will full upload and download options. These are the most common Trojans. They all are dangerous and you should be careful using them.

BLOCK UNWANTED WEBSITE WITHOUT ANY SOFTWARE

Many people want to Block some websites that are harmfull to our PC or/and our life. Like some parents take care of our children by blocking porn websites and some offices blocks some special websites that may harm there network.

You may need a costly (or even free) software to block such websites. Why to spend money and time and why give HDD space to such useless softwares. Just do this and block unwanted softwares from accesing .

STEPS TO FOLLOW
1) Browse C:\WINDOWS\system32\drivers\etc

2) Find the file named "HOSTS"

3) Open it in notepad

4) Under "127.0.0.1 localhost" Add 127.0.0.2 www.thesitenamethatyouwantblock.com , and that site will no longer be accessable.

5) Done!

For every site after that you want to add, just add "1" to the last number in the internal ip (127.0.0.2) and then the addy like before.

EXAMPLE: 
127.0.0.3 www.blablabla.com
127.0.0.4 www.blablabla.com
127.0.0.5 www.blablabla.com

HOW TO INSTALL BACKTRACK 4 ON A FLASH DRIVE

I wanted to be able to run Backtrack on my laptop, without the worry of having it dual booted, and be able to save my data, such as wallpaper, updates, and settings. Unfortunately all the walkthroughs I could find either didn’t work or ended up being a live CD on a flash drive. So, this is how I got it to work.

What you will need

1. A flash drive that is at least 4 GB. (8 GB is the best)

Considering the ISO is only 1570 MB, I would think 4 GB should work, but when I tried it I got a warning saying the installation may fail if I have less than 4.8 GB. I canceled it so I don’t know if it will work or not. The more space you have the more data you can save. So, I would suggest 8 GB or more. I used 16.

2. A BackTrack 4 final release iso
You can download bt4-final.iso from bt4-final.iso

3. A writable DVD

4. You may want to print out a copy of this tutorial to follow along.


Here We Go
Do not plug your flash drive in till step 4

Step 1

After downloading the bt4-final.iso, burn it to your DVD.

Step 2

Place your new BT4 live CD into your optical drive and boot from it.

Step 3

Choose the "Boot from persistent live CD" option. After it finishes loading, you will be logged in as root@bt. From here you want to type the command "startx" without the quotes. This will bring you into the GUI (graphical user interface). Keep in mind that all Linux/Unix commands and directories are case sensitive.

Step 4

This is the time to plug in your flash drive. You will want to make sure you have removed all data from your flash drive as this process will wipe it clean. 

After plugging in your flash drive, you will need to go into GParted and partition it. To do this you will open up the "K Menu" (The little dragon thing in lower left hand corner where the "start menu" is in windows), go up to system (NOT System Menu), and select Partition Editor. 

Once GParted opens, don’t be disappointed when you don’t see your flash drive listed there. Just go to the drop down menu in the upper right corner of GParted and select your flash drive. It will probably be sdb, sdc, or sdd depending on how many devices you have plugged in. You can check the size of the drive if you are unsure which one it is. For the sake of this tutorial I will refer to it as sdc.

When you select your flash drive, you will see its partition table. Click on sdc1, then, at the top of GParted, select device, and then Create Partition Table. This will erase the current partition table, as well as all the data. After the old partition table is gone, select 
"unallocated", then go to Partition (Also at the top of GParted) and select "new".

Here we are making a new partition. If you want to devote the whole flash drive to BT4 then leave everything default. For the file system you can choose either ext2 or ext3. My understanding is that ext3 has recovery and ext2 does not.

"Label" is simply what you want to name your flash drive. After you have selected your file system and named your device, click ADD, then at the top, click apply. Now you have created a new partition and you are ready to begin the installation process.

Step 5

Now let’s start the installation. In the upper left corner of the desktop you will see a file called "install.sh" click on it.

I have noticed that sometimes starting the install.sh can be a bit buggy. If it doesn’t seem to want to start for you, reboot by typing init 6 in the terminal. Don’t worry, you won’t have to repeat step 4.

Choose your time zone then click forward. Choose your Keyboard layout and click forward. In the next window, choose "Guided -use entire disk" then choose sdc, or 
whatever yours is called, and click forward. Now you want to choose advanced so you can tell it where to place the boot loader. Go to the drop down menu and choose sdc1.

Click OK. Then Click install. Now cuddle up to a good book cuz this will take a while. Be patient. Remember you are installing from a live CD to a flash drive. This will probably take a couple hours. Once it is installed, and you reboot, you will be prompted to log in.

the username is root
the password is toor

Now you are done

RUN THE TRIAL VERSION SOFTWARE IN YOUR PC WITHOUT ACTIVATION

In this post I’ll show you how to hack Software and run the trial program forever. Most of us are familiar with much software that runs only for a specified period of time in the trial mode. Once the trial period is expired these software stop functioning and demand for a purchase. But there is a way to run the software and make them function beyond the trial period.

Before I tell you how to hack the software and make it run in the trial mode forever, we have to understand the functioning of this software. I’ll try to explain this in brief.

When this software is installed for the first time, they make an entry into the Windows Registry with the details such as Installed Date and Time, installed path etc. After installation every time you run the software, it compares the current system date and time with the installed date and time. So, with this it can make out whether the trial period is expired or not.

So with this being the case, just manually changing the system date to an earlier date will not solve the problem. For this purpose there is a small Tool known as RunAsDate.

RunAsDate

It is a small utility that allows you to run a program in the date and time that you specify. This utility doesn’t change the current system date, but it only injects the date/time that you specify into the desired application.

DOWNLOAD

RunAsDate intercepts the kernel API calls that returns the current date and time (GetSystemTime, GetLocalTime, GetSystemTimeAsFileTime), and replaces the current date/time with the date/time that you specify. It works with Windows 2000, XP, 2003 and Vista.

FOLLOW THESE TIPS CAREFULLY

You have to follow these tips carefully to successfully hack software and make it run in its trial mode forever.

1. Note down the date and time, when you install the software for the first time.

2. Once the trial period expires, you must always run the software using RunAsDate.

3. After the trial period is expired, do not run the software (program) directly. If you run the software directly even once, this hack may no longer work.

4. It is better and safe to inject the date of the last day in the trial period.

For example, if the trial period expires on jan 05 2011, always inject the date as jan 05 2011 in the RunAsDate. I hope this helps! Please express your experience and opinions through comments.

TELNET HACKING

Telnet is the basic hacking tool, which every hacker must know how to use before he can even think about Hacking. It can be used to connect to remote computers and to run commands by simply typing them in its window. Telnet does not use the resources of the client's computer but uses the resources of the server to which the client has connected. Basically it is a program that you will be using to connect to your victim's computer. It just requires that you and your victim are both connected to the internet.

How can I connect to a remote computers using telnet?

Telnet can be started by going to start -> run and typing telnet Once the Telnet windows pops up click on Connect->Remote System then in the host name type the host i.e. the IP address of the remote computer or the website you want to connect to . Then in the Port select the port you want to connect to. You can only connect to ports which are open on the host computer. Almost always leave the Term Type to vt100.We use vt100 as it is compatible with most monitors. Then click connect and you will be connected to the remote machine in some time. The syntax of the telnet command from DOS prompt is C:\>telnet By default port is taken as 23. Scroll down and read more about ports.

What is an IP Address?

Like in this world, everyone has a Home Address so that he can be contacted on that address; similarly all computers connected to the Internet are assigned a unique Internet Protocol or IP address which can be used to contact that particular computer. An IP is simply the address of a particular computer. Every computer connected to the internet has a different IP address. An IP address is of the form: xxx.xxx.xxx.xxx. You can find your own IP by going to start->run and typing winipcfg. If you need to connect to a friend's computer then you need the IP address of his computer. There are many ways of finding out the IP address of a person's computer without letting him know.

What exactly is a Port

There are two kinds of ports-Physical (Hardware) and Virtual (Software) you may be thinking of ports to be the slots behind your CPU to which you connect your Mouse or Keyboard or your monitor. These sockets are called physical ports. We are here interested in only virtual ports. It is nothing physical but it is kind of a virtual pipe through which information can go in and out of the computer. A particular computer can have a large number of ports. All ports are numbered .Now at each port a particular service is running. Software which runs on a port is called service. For interchanging different kinds of information different ports are used. A typical list shows the various ports

Ping              :  7
Systat         :  11

Time              :  13
NetStat       :  15
SSH                 :  22
Telnet         :  23
SMTP              :  25
Whois           :  43
Finger         :  79
HTTP              :  80
POP                 : 110

You can connect to a remote computer at a particular port. When you are connected to that port then you can interchange information related to that particular port only. Ports can be open or closed. If a particular port of a computer is closed then you cannot connect to that computer on that port. Generally most of the computers have at least 5 or 6 ports open.

What is a Daemon?

A daemon is a program that runs at ports. You can consider it to be software that manages the flow of information through the port. All the ports can have different daemon / services running on them

Port Scanning

It is the first step in finding a hack able server running a daemon. Like software can have bugs, similarly daemons can have a hole or a vulnerability .A hacker can utilize this hole for his purpose. Say you want to hack into someone's server, what do you do? You need the IP address of the computer you want to connect to. This is the first basic step. Once you have the IP, you need to know which port is open so that you can connect to it. Every port may not be open so you need to find out a list of open ports which are running a daemon. Once you have the list of open ports on the victim’s computer then you can connect to any one of those ports .For this purpose we have port scanners. You just need to feed the IP address into the port scanner and it will give you the list of all the open ports of that IP. Some port scanners, along with the list of open ports also give the service running on each port and its vulnerabilities. Once you have got the list of open ports then connect to each of them one by one and see what daemon or service they are running.

But one thing you need to be careful about before port scanning is that most port scanners are very easily detected and can easily be traced and you have no excuse if you are caught doing a port scan. It a sure sign of Hacker Activity and if the host is running the right kind of Sniffer software maybe Ether peek then the Port scan can be easily detected and the IP of the user logged . Once your IP is logged then you can be easily traced thru you internet service provider, so be careful with port scanning.