Confessions of a Trojan Hacker

Source: Internet
Author: User

Once upon a time, computer professionals regarded hackers as geniuses to be admired. Even when China's own "red guests" appeared, netizens could still accept them because of their so-called sense of justice. But in the current era, when almost anyone can be a hacker, nobody observes the hacker code of never maliciously damaging any system, and the hacker spirit has been completely abandoned.

Tempted by naked money, countless people with all kinds of motives enter the underground world of the network every day. Kevin's 7-day hacker diary shows us the shocking facts of the Internet "triad": many people take pleasure in peeping, exchange all kinds of Trojan intrusion techniques, and sell broilers (computers that hackers have taken control of) to others, and there are even so-called "masters" who produce simple, easy-to-follow tutorials.

Day1 Sprout

Ever since university, all kinds of new computer knowledge have interested me, and information about hackers, red guests, Trojans, viruses and the like is particularly attractive to me. I don't have much knowledge about this, but it's fun to read the reports.

Last year's reports on DDoS attacks used to blackmail websites intrigued me a lot. At that time on Baidu Bar, I saw that the Gray Pigeon, Trojan and similar groups were very active, with nearly dozens of posts updated every day, the vast majority about Gray Pigeon teaching, marketing Trojan software, broiler sales and so on. At the time I thought I had no interest in attacking or blacking out those sites, so I just looked.

However, the recent controversy between Jinshan and Gray Pigeon aroused my interest. I heard that the industrial chain living off Gray Pigeon downstream has reached a scale of 100 million yuan, which really surprised me. It makes me a little jealous when I think of how hard I work to make thousands of bucks a month. I have always been interested in computers, and I don't believe I'm worse than those people. I want to go online to see what is going on with Gray Pigeon; I want to learn it too.

Day2 Looking for self-study

Taking advantage of a quiet afternoon at work, I slipped over to Baidu's Gray Pigeon bar. There was a post titled "90 Yuan Apprentice, teach pigeon configuration, internal and external online line method, kill, catch broiler, net horse configuration." It attracted me. Following the instructions in the post, I joined a QQ group named Vista SP1.

After I passed verification and entered the group, I found a lot of people there: of 137 members, more than 30 were online, and everyone was talking about double open, broilers, agents, scanning and other topics. I only half understood these terms, but never mind; anyway, as long as it is foolproof it will do. Many people's names are also preceded by the word "acts", which is probably the mark of having paid.

The QQ group's shared space offers 40 kinds of related tutorials and tools for download. I downloaded them, but most are compressed files that need an extraction password before they can be viewed or used. I heard that a lot of people use Trojan teaching as a way to make money. Forget it; I'll go home tonight and first try the information on the Internet. Anyway, there are so many hacker websites and software online that I don't necessarily have to pay to learn.

Day3 Contact Fee

I spent the whole of last night at it, looked at a lot of websites and tried some software, but got nothing. The tutorials and articles on intrusion and scanning are very simple, but when I follow the steps I don't get the same results, which is really depressing. I guess I'll have to pay for it.

Today, I went back to the Vista SP1 group and found the administrator Paul, who is the master. His QQ profile shows that he is 25 years old and also in Shanghai, the same as me.

When I humbly asked Paul, as a rookie, a series of questions about how to use Gray Pigeon and Trojans, he seemed impatient. He just said that he has many years of experience with hacking and Trojans and can write hacker tools, and that as long as I took him as my master, he would provide a variety of hacker tools for free.

Well, let's go for it; anyway, as long as I can learn. Paul very readily provided two accounts, one at CCB and one at ICBC, told me to transfer 90 yuan into either account, and left a mobile phone number beginning with 134. After work I transferred 90.01 yuan to Paul through a Construction Bank ATM and informed him by SMS.

Day4 Apprentice

Last night I had something on and did not get home until after 11. I looked in on the group; more than 10 people were online, but the master was not.

It's been a long day, but I've been thinking about what Master is going to teach me. Back home, I hurriedly gulped down a few mouthfuls of dinner and went online to find Master. He said he had received my tuition fee and formally declared that I was now his apprentice, and he also had me put "acts" in front of my name to distinguish me from others.

Then Master gave me the extraction password and had me start with his own animated tutorial, "online Pigeon on-line Tutorial", and follow along. Although the operation is foolproof, perhaps I am too stupid: I did not get the result the tutorial described, and could not even open the Gray Pigeon remote control software. Master then used the QQ remote control function to control my computer, demonstrate, and check the cause of the failure. According to Master's analysis, it was probably because my computer's system is Windows 2000, which is not stable enough. It was already 10 o'clock in the evening, and Master said it was too late to continue teaching, so I should contact him the next day.

Day5 explain

This evening I switched to a Windows XP notebook and contacted Master again; there should be no problem this time. Sure enough, under Master's guidance over QQ remote control, the testing and debugging of the Gray Pigeon server software went well. Then Master asked me to follow the "No Kill tutorial" and process the generated server software so that it evades anti-virus software.

Following the tutorial's method, I used 4 different tools to complete the processing of the server software step by step, and sure enough it escaped detection by the Kaspersky antivirus on my computer. Oh, finally things went more smoothly than yesterday, and step by step I am approaching victory.

From what I know of computers, the kill-free process should consist of adding a lot of irrelevant code to the software, then adding a shell, and then compressing and encrypting it several times, so as to avoid antivirus software. But I found out that the creator of the kill-free tutorial was not Master; it seems to be someone from the Black Hawk Red Base site. Maybe they are in contact.

Having completed the debugging and kill-free processing of the Gray Pigeon server software, I finally reached the third step. Following Master's instructions, I began to learn the next step: catching chickens. But after watching the automatic chicken-catching tutorial, I found that an important tool was missing. Master was offline at the time, so I could only ask a brother who was still online. A kind brother told me that this tool must be purchased from Master: "I can't find it outside, it's made by master, it's about 50 yuan."

Well, since Master is away and I can't get the tool, I'll try another hacker tool and tutorial that I downloaded two days ago. Unfortunately, in the end there was no success. It seems that Master has to teach me step by step.

Day6 small into peeping
 
On the sixth day I still had not caught a chicken, and I was really a bit discouraged. But Master comforted me by saying that this thing cannot be rushed and that I should be patient. He also told me that some of his disciples had learned it just by reading the tutorials and had soon finished their apprenticeship.

Following the tutorial, I configured the Gray Pigeon server side and once again made it kill-free. Then, following a tutorial found on the network, I ran a port scan and then a weak-password scan in turn. After 3 hours of waiting, my software finally reported that it had found 14 target computers.

Unable to restrain my excitement, I followed the tutorial, remotely logged in to the target computer, uploaded the Gray Pigeon server side, and ran it. Ah, Gray Pigeon finally responded, and the target computer was finally under my control. I had my first broiler (see the upper right). Long live! My first broiler was in Mianyang, Sichuan, and I found a picture folder on the computer. "Gansu pictures?" I downloaded it to have a look; it turned out to be photos of a girl (mm) at scenic spots. Go ahead and see if there's anything else.

At the same time I continued to check whether the other vulnerable computers could be invaded. The result was 4 out of 14, a success rate of less than 30%, but I was already very satisfied.

I invaded a broiler from Fujian, but there seemed to be nothing on the computer, only a contact form. Uninteresting; I closed it.

Another chicken had a lot of game-related files on it, so it should belong to a game player (see bottom right). What's he doing? Playing games. Good; next time I'll plant a game Trojan on him and steal all his equipment to sell.

Yes, I heard that Gray Pigeon can also open the chicken's webcam. I tried, but there was no response; probably no camera was installed or it was not plugged in. Next time I'll try another broiler.

Before I knew it, it was past one o'clock in the morning. Although tomorrow, no, today, I don't have to work, I should still go to bed first.

Day7 hesitate to give up

This afternoon I showed off my experience of the past few days to my cousin, and she gave me a good scolding, because she had once been hit by Gray Pigeon herself and had to reinstall the system and apply patches to solve it.

But I have only just got started; am I just going to give up? When I went home and read about the world's number one hacker, Kevin Mitnick, I found that I was not a hacker at all, but a shameful voyeur.

In just six short days in this group, I saw more than 20 students who were often online, as well as some accomplished apprentices who, with Master's permission, teach new rookies, so more than 20 people join the group every day. However, anyone whose words show that they do not want to pay to learn is kicked out of the group by Master and the brothers without hesitation. Master and several core members have a monthly income of more than million, and this group was established only a short 4 months ago.

Well, I'll give it all up; it's not a glorious experience. In the evening I opened Gray Pigeon again and removed the server-side software from the broilers. I decided to say good-bye to this and to straighten up; when I wake up tomorrow, I will be a good person.

Behind-the-scenes investigation

The Rampant Trojan Horse teaching

Judging from Kevin's letter and the reporter's subsequent investigation, Trojan teaching is not limited to one-on-one coaching over QQ; it has become diverse and professional.

In fact, the reporter also contacted, through Baidu Bar, a number of people who teach Trojans and people who sell Trojans. One of the teachers, whose remittance address is in Shangqiu, Henan, showed the reporter screenshots of his various Trojan stealing tools and let the reporter name a price after looking, advertising the offer as "package teaching package will." He also promised to give a video lesson the same night. According to this person, he teaches people to use Trojans mainly to raise funds for his own website.

Another "teacher" charges much more. Judging from his chat with the reporter and the content of his posts, he should be a figure at or above the level of a hacker forum moderator. The hacker tool he sells is a modified kill-free version of the Black XX remote control; judging from the demo animation, its functions are roughly the same as Gray Pigeon's, with a DDoS attack function added. He quoted the reporter prices of 100 yuan, 300 yuan and 400 yuan, and for the latter two price grades also promised free lifetime software upgrades.

In addition, the reporter joined a QQ group called "Hacker Lovers Paradise" (group number 39191700). The group's host said that voice lessons are given in a voice chat room at 8 o'clock every evening, covering Gray Pigeon, double open 3389, online game Trojans, advanced Trojans, Brush Q, intrusion, "black" and so on. The reporter entered the chat room on several evenings and indeed found the group's host teaching by voice.

Apart from the flood of Trojan-teaching posts on Baidu Bar, the forums devoted to Trojans have moved into a more secretive state. In March, the Gray Pigeon Studio conspicuously stopped updating its website, claiming a permanent shutdown, while two other important websites about Gray Pigeon were also revamped. For example, the Phoenix Gray Pigeon Forum changed its name to the Phoenix Studio Forum and switched from open registration to registration by invitation: only old members can invite newcomers in, and it is harder for others to get a glimpse inside. Although the forum's content appears to have had a makeover, Trojans, vulnerabilities, kill-free techniques and so on are still important topics of heated discussion. Another, the Lattice forum (formerly known as the Pigeon Forum), has come crashing down, and its pages will not open. However, on websites and forums that fly the banner of network security, hackers or red guests, all kinds of hacker tutorials can be found everywhere.

Reporter observation

Grey 100 million yuan

Any user with a little understanding of computers and networks, plus a little patience, can easily play with Trojans, catch chickens, modify systems, peep through video, and obtain all kinds of files from the broiler computers, while the chickens remain unaware.

So when the Gray Pigeon Studio argues that Gray Pigeon is just remote control software, the argument is feeble. Genuine remote control software, such as pcAnywhere, Windows Remote Desktop and QQ Remote Assistance, requires the consent of the controlled party and shows an obvious prompt on the controlled computer. Gray Pigeon, by contrast, does everything possible to hide its traces.

In fact, before Gray Pigeon there was another domestic Trojan horse that many hackers used for intrusion: Glacier. Glacier's developer Huangxin, a database developer, has never hacked any website, and even while developing Glacier he tested it only on his own and his friends' computers. In 2003 Huangxin stopped developing successor versions of Glacier; a programmer's conscience forced him to confront the danger of Glacier as a hacking tool. By contrast, whether the Gray Pigeon developers are, as they say, only selling kitchen knives goes without saying.

Is the so-called gray industrial chain of the Gray Pigeon Trojan really worth 100 million yuan? This cannot be confirmed, but everything the reporter saw was shocking. It is true that programmers who write Trojans earn far more than ordinary programmers.

During a few days in the QQ groups, the reporter saw that day and night, regardless of region, there was always someone showing off files stolen from chickens, and hackers who knew each other would discuss whether to do damage. However, when newcomers came online to ask questions, "selfless" answers were few. Want to be taught? Want to get a powerful tool? I'm sorry, please pay. Prices start at 50 yuan, the more the better. In these groups, the hierarchy of master and apprentice, disciple and grand-disciple (Shisun), level by level, is bound firmly together by money.

If the earliest hackers invaded sites only to show off their skills and never did great damage, winning the admiration of technology enthusiasts, those who play with Trojans today have tarnished the title of hacker with their own actions and have no morals to speak of.

Expert perspective

Legal rights are still wishful thinking

Zhou Binqing (Consultant lawyer, Shanghai Information Service Industry Association)

In theory, participating in any part of the black industrial chain of the Trojan horse is illegal. For example, a "teacher" who charges for teaching how to "plant Trojans" can be classified under "abetting crime", and his behavior constitutes "joint crime"; those involved in Trojan design, fencing, looting and other participants will also find it difficult to escape.

But the reason why the Trojan horse was finally brought to justice, because the police and other relevant departments have not fully tracked the Trojan horse industry chain, and a lack of adequate resources also makes the cost of a comprehensive investigation of the industrial chain too high. At present, the relevant departments can only carry out large-scale investigations of cases with bad circumstances, serious consequences and a large number involved, and bring a small number of the main offenders to court. As for behavior such as stealing QQ numbers or destroying data on personal computers, the Public Security Department does not even file a case; in real life, it has repeatedly happened that the theft of a QQ or online game account is reported and the public security organ does not accept the report.

The main reason for this is that virtual property still cannot be accurately valued, so it is difficult for the judiciary to convict for theft. At present, Trojan criminals are often charged with "illegal intrusion into computer information system crime", "infringement of the freedom of communication" and other offenses. As long as the higher courts have made no clear statement on virtual property, the lower courts often follow past practice and bypass the concept of virtual property when convicting.

For ordinary users, taking up legal weapons against Trojan crime is, at least at this stage, still an extravagant hope: the excessive cost of defending one's rights and the legal definition of virtual property remain obstacles that cannot be overcome for now. In practical terms, it is recommended that users make more use of firewalls, anti-virus tools and other technical means to protect their own computers.
