Understanding how attackers plant Trojan horses, and how to guard against them

Source: Internet
Author: User

Operation Steps:

I. Planting the Trojan

Most popular Trojan horses today use a client/server (C/S) structure. To control someone else's computer with a Trojan, the server program must first be planted and run on that computer; the client program is then run on the local computer to connect to the other computer and control it.

To keep users who are unfamiliar with Trojans from running the server by mistake, popular Trojans do not ship a separate server program; instead, the server is generated from settings the user supplies, and Black Hole 2004 is no exception. First run Black Hole 2004 and choose the "Function/Generate Server" command, which opens the "Server Configuration" dialog. Because Black Hole 2004 uses a rebound (reverse-connection) technique (please read up on it a little), first click the "View" button next to it, set up a new domain name in the window that pops up, enter the domain name and password of the space you applied for in advance, and click "Domain name registration"; the lower part of the window shows the registration status. After the domain name has been registered successfully, return to the "Server Configuration" dialog and fill in the domain name just requested, along with "Online display name", "Registry startup name" and the other items. To mislead others, you can click the "Change Server Icon" button and select an icon for the server. When all the settings are complete, click "Generate EXE Server" to generate the server. While generating the server, the software automatically compresses it with UPX, which helps protect the server.

Once the server has been generated, the next step is to get it onto someone else's computer. Common methods are to break into the computer through a system or software vulnerability, or to send the server to the computer; another is to disguise the server and place it in one's own shared folder, so that users of peer-to-peer software (such as pp dot pass, hundred treasure, etc.) download and run the server program without suspecting anything.

Because this article is aimed mainly at ordinary network enthusiasts, it uses the simpler method of carrying the server in an e-mail for the explanation. Take the Flash animations that everyone often sees as an example. Create a folder named "nice animation", and inside it create a folder named "animation.files". Put the Trojan server program in that folder (assume it is named "Abc.exe"), and then create a Flash file in the folder. In frame 1 of the Flash file, enter the text "Your playback plugin is not complete, click the button below, click the Open button to install the plugin". Create a new button component, drag it to the stage, open the Action panel, and enter `on (press) { getURL("animation.files/Abc.exe"); }`, which means that the Abc file is executed when the button is clicked. In the folder "nice animation", create a new web page file named "animated.htm" and put the animation you just made into the page. Do you see the trick? A web page saved from a site usually consists of an .html file and a folder whose name ends in .files; the structure above imitates this to mislead whoever opens it, since few people ever look inside the .files folder. Now write a new e-mail, compress the folder "nice animation" into a single file, attach it to the e-mail, and give the e-mail an enticing subject. As long as the recipient is persuaded to run it and reboots the system, the server has been planted successfully.
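Seen from the receiving mail gateway, the attachment described above has a recognizable shape: an archive holding a web page, a browser-style ".files" folder, and inside it an executable that the earlier paragraph says is UPX-compressed. The following Python check is an added example, not part of the original article; its function names and the sample archive are constructed for illustration, and the UPX test assumes the default UPX section names (UPX0/UPX1), so treat it as a heuristic.

```python
import io
import struct
import zipfile

WEB_EXT = (".htm", ".html")
COMPANION = (".files", "_files")  # folders a browser creates for "Save page as"

def pe_section_names(head):
    """Return the PE section names found in a file's first bytes, or None if not a PE."""
    try:
        pe = struct.unpack_from("<I", head, 0x3C)[0]       # e_lfanew
        if head[:2] != b"MZ" or head[pe:pe + 4] != b"PE\0\0":
            return None
        count = struct.unpack_from("<H", head, pe + 6)[0]  # NumberOfSections
        opt = struct.unpack_from("<H", head, pe + 20)[0]   # SizeOfOptionalHeader
    except struct.error:                                   # truncated or too short
        return None
    table = pe + 24 + opt
    rows = (head[table + 40 * i: table + 40 * i + 8] for i in range(count))
    return [r.rstrip(b"\0").decode("ascii", "replace") for r in rows]

def scan_attachment(zip_bytes):
    """Flag executables by content, where they hide, and whether they look UPX-packed."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        has_page = any(n.lower().endswith(WEB_EXT) for n in zf.namelist())
        for info in zf.infolist():
            with zf.open(info) as fh:
                sections = pe_section_names(fh.read(4096))  # header only
            if sections is None:
                continue
            parents = info.filename.lower().split("/")[:-1]
            hidden = has_page and any(p.endswith(COMPANION) for p in parents)
            packed = any(s.startswith("UPX") for s in sections)
            findings.append({"path": info.filename, "in_page_folder": hidden, "upx": packed})
    return findings

def fake_pe(section_names):
    """Constructed PE header stub (not executable), used only as sample input."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0)
    return dos + coff + b"".join(n.encode().ljust(40, b"\0") for n in section_names)

def build_sample():
    """Constructed archive laid out like the attachment in the text (names taken from it)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("nice animation/animated.htm", "<html></html>")
        zf.writestr("nice animation/animation.files/Abc.exe", fake_pe(["UPX0", "UPX1"]))
    return buf.getvalue()
```

Because the check reads the file header rather than trusting the extension, a renamed executable is still reported. Password-protected archives cannot be opened this way and need a separate policy.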

II. Using the Trojan

After the Trojan server has been planted successfully, you need to wait patiently for the server to come online. Because Black Hole 2004 uses reverse-connection technology, the server connects to the client automatically once it is online, and the client can then be used to control the server remotely. In the list at the bottom of Black Hole 2004, select a computer that is already online, and then use the command buttons above it to control that computer. The following is a brief introduction to what these commands mean.

File management: Once the server is online, the "File Management" command can be used to download, create, rename and delete files on the server computer, among other operations. Files or folders can be dragged directly to the destination folder with the mouse, and resumable transfers are supported. Easy, huh?

Process management: View, refresh and close the other computer's processes. If anti-virus software or a firewall is found, the corresponding process can be closed to protect the server program.

Window management: Manage the program windows on the server computer. The other side's program windows can be maximized, minimized, closed normally and so on, which is more flexible than process management. Many pranks are possible, such as repeatedly maximizing and minimizing one of the other side's windows.

Video monitoring and voice monitoring: If the remote server computer has a USB camera installed, it can be used to obtain images, which can be saved directly as MPEG files that a media player can play; if it has a microphone, their conversations can be heard. Frightening, isn't it?

In addition to the features described above, there are also keyboard logging, restart and shutdown, remote uninstall, screen capture, password viewing and other functions. The operation is very simple, understand? It's easy to be a hacker.
