K-K-�s GUIDE TO ================= USING TROJANS =========== Disclaimer ========== Ok im only gonna tell you this once (lets face it i dount want to just every txt file these days has one) its not my fault for any damage caused by the information in this txt file if you those to do any of the activities then it your own fault. Contents ======== 1: Whats a trojan? 2: Why would any one want to use them? 3: do"s and dounts 4: Using Netbus 5: Getting IPs 6: Im in now what? 7: Using SubSeven 8: Ports and ports scanning 9: Using BO2K 10:The pigs are at my door! Whats a trojan? =============== Ok well a trojan is a peice of software used to hack into brake into and spy on some ones computer there are normaly two main parts of a trojan a server and a client the server is a program that needs to be installed on some ones computer in order for you to hack them and a client is the part you control/hack the computer with so if you think about it a trojan is like a bugging transmitter it lets you spy on some activitys while there on the internet. Why would any one want to use a trojan? ======================================= Well there are many reasons realy maybe you want to snoop round some ones computer just to see whats on there or maybe you want to keep tabs on some one to either see if there talking about you behind you back or maybe you just want to have some fun and scare some one shitless. Do"s and dounts ================ Dount infect people you dount know very well for the simple reason there dad could be a pig and have lots of connections or he could be a programmer or something and they know how to trace you dount just delete random file i mean if you do this your realy just BORING i mean for one you wount be able to watch them second if they found out it was you,you will get done for criminal damage the only time you start to delete is when you realy HATE them. A Beginners guide to ====================== NetBus ======== YOU WILL NEED ============== NetBus 1.7 a computer connect to the net a chat program iCq MSN MESSENGER YaHoo! messenger Victims ======= Ok lets say you realy dount like some one and you have there hotmail/yahoo email address ok now make a new hotmail/yahoo account (just for a bit of cover) add them gain there just talk to them get to know there intrests then asuming you have NetBus there will be a progam called "Patch.exe" ok DOUNT open it this little program is the server I.E the program that must be running on the victims computer for you to hack them. So you need to send it to them lets say there intrest is Monster trucks rename the server Monster trucks game or monster truck rally! i mean its not to hard but the victim has to be attracted to this file enough for them to accept it Getting IPs =========== Ok so whats an IP address IP stands for Internet Proticol an IP address looks some thing like this 217.32.246.75 it a number that identifies one computer from another (your ip address changes every time you come online) the way you get an IP address is from the netstat -n command from MS-DOS. Before you send them the server file go to MS-DOS and type in Netstat -n and it should come up with some thing like this C:\Windows>netstat -n Active Connections Proto Local Address Foreign Address State TCP 127.0.0.1:1539 64.4.13.32:1863 ESTABLISHED TCP 127.0.0.1:1113 208.185.211.71:80 ESTABLISHED TCP 127.0.0.1:1122 217.32.246.75:80 ESTABLISHED C:\Windows> It should look like that any we give or take a few IPs now send them the server once they have accepted the server file type in Netstat -n again and some thing like this should come up C:\Windows>netstat -n Active Connections Proto Local Address Foreign Address State TCP 127.0.0.1:1539 64.4.13.32:1863 ESTABLISHED TCP 127.0.0.1:1113 208.185.211.71:80 ESTABLISHED TCP 127.0.0.1:1122 217.32.246.75:80 ESTABLISHED TCP 127.0.0.1:2134 64.254.113.45:1302 ESTABLISHED (Ok this is there IP address) you can tell because it is a new active connection it wasnt there before. ok now you have there IP put it into NetBus (port 12345) and hit connect hopefully if you have done it right it should say some thing like "Connect NetBus Version 70 Im on now what? ================ Well your now in there computer just look at some of the options im mean come on Open CD-ROM dive Close CD-ROM drive Show images Swap mouse bottons Run programs Send messages Screendump(see whats on there screen) Get computers info Regedit Play run sounds Shut down computers Active windows Control mouse Keylogger(see what there typing on there keyboard) and of course File manager Just try not to let them know you in there get what i mean or they will catch on to you:-) ok now you can use NetBus lets learn some thing a little harder SubSeven2.1.3 Bonus by mobman A Beginners guide to using ============================ SubSeven ========== Ok now there a 3 parts to SubSeven a client a server and an edit server now this is the good part of SubSeven insted of some one telling you what port you should run on what the server icon should look like and how the server should start up you can choose your self ok open Edit server now it will first say at the top server select the server then start up method(s) if i wure you i would click all of them expet Win.ini then victim name leave it blank here we go E MAIL NOTIFY! this realy is a good option type in your email addres where it says Notify to then server if you use HOTMAIL the server will be MAIL.HOTMAIL.COM if you use Yahoo! it will be mx1.yahoo.com and here are some other servers. hotmail.com -> mail.hotmail.com yahoo.com -> mx1.yahoo.com hushmail.com -> www.hushmail.com rocketmail.com -> mta1.rocketmail.com altavista.net -> spool.globecomm.net angelfire.com -> mta1-mail.angelfire.com juno.com -> a.mx.juno.com mailcity.com -> mta5-mail.mailcity.com Ok now the startup port now it will have the defaut port in there 27374 you can leave it at that there no problem with that but you can change it to some thing like 1234 or 124356 what ever you want then server password it is a good idia to use this so people carnt steal your victims then heres a good one enable fake error message this lets you make an error messager so when the victim opens it the will see an error like "COULD NOT OPEN FILE" but use what ever you want then in the top right change server icon! this is realy good for making the server look like games and things then save your server and now your ready to send the server to some one (do the same thing as you did with NetBus MS-DOS netstat -n)then hit connect it will say some thing like "Connected 8:21pm Version 2.1.3 Bonus". here are just some of the options on SubSeven Ip scanner Computer info Home info server setup keylogger send keys chat with victim THE MATRIX.... :-) this is a gr8 option ill leave you to find out what it does.... Spy (spy on convos) iCq TAKE OVER! password reciver REDEDIT App processer file manager windows manager process manager webcam spy and LOADS more Ports and port scanning ======================== ok now once you have a port scanner you can scan random IPs for open ports like 27374 and 12345:-) providing they dount have password on them here are a few trojan ports worth scanning Ports| trojans| ----- -------- 31, Master Paradise 121, BO jammerkillahV 456, HackersParadise 555, Phase Zero 666, Attack FTP 001, Silencer 1001, Silencer 1001, WebEx 1010, Doly Trojan 1.30 (Subm.Cronco) 1011, Doly Trojan 1.1+1.2 1015, Doly Trojan 1.5 (Subm.Cronco) 1033, Netspy 1042, Bla1.1 1170, Streaming Audio Trojan 1207, SoftWar 27374,SubSeven 1245, Vodoo 1269, Maverick's Matrix 1492, FTP99CMP 1509, PsyberStreamingServer Nikhil G 1600, Shiva Burka 1807, SpySender 1981, ShockRave 1999, Backdoor 1999, Transcout 1.1 + 1.2 2001, DerSpaeher 3 2001, TrojanCow 2023, Pass Ripper,,, 2140, The Invasor Nikhil G. 2283, HVL Rat5 2565, Striker 2583, Wincrash2 2801, Phineas Nikhil G 3791, Total Eclypse (FTP) 4567, FileNail Danny 4950, IcqTrojan 4950, IcqTrojen 5000, Socket23 5011, OOTLT 031, NetMetro1.0 5400, BladeRunner,,, 5400, BackConstruction1.2 5521, IllusionMailer 5550, XTCP 2.0 + 2.01 5569, RoboHack 5742, Wincrash 6400, The tHing 6669, Vampire 1.0 6670, Deep Throat 6883, DeltaSource (DarkStar) 6912, Shitheep 6939, Indoctrination 7306, NetMonitor 7789, iCkiller 9872, PortalOfDoom 9875, Portal of Doom 9989, iNi-Killer 9989, InIkiller 10607, Coma Danny 11000, SennaSpyTrojans 11223, ProgenicTrojan 12076, Gjamer 12223, Hack�99 KeyLogger 12346, NetBus 1.x (avoiding Netbuster) 12701, Eclipse 2000 16969, Priotrity 20000, Millenium 20034, NetBus Pro 20203, Logged! A Beginners guide to using ============================ BO2K ====== BO2K or Back Orifice 2000 is one of the most POWERFULL trojans/admin tools out there well for the microsoft environment its not just a trojan thought its also a remote network administration tool so you can use it to hack and if ur an admin it can make your life a bit eisier i belive if you can master this trojan you can master any trojan this is realy only for advanced users (as it was first made for linux) its default TCP port is 18006 if its UDPIO the port will be 54320. Make your server ================= Like SubSeven there is an edit server this is called bo2kcfg open it it will ask you for ports and passwords just use the default port 18006 for TCP networking then it will go onto BO2K server configuration select your server (BO2K) and insert the BO_PEEP plugin this comes in the zip file adding this plugin will add the vid streem option and hijack option BO_PEEP also lets the server communicate better with the client then go to the stealth sub folder and enable the server to start up on the victims startup and you can change some default ports if you want but its not a good idia another good plugin to have is Rattler v10 this send an email when the user is online but you need to configure this from the client. again re-name the server and then get the IP from netstat -n now heres some thing differnet open bo2kgui this is the client then click the little computer in the bottom left it will come up with edit server settings name of server well say you named the server my pic put my pic in there the server address if there ip is 123.456.78.910 and ur port is 18006 put in there 123.456.78.910:18006 then click ok then connect... it will say something like in the server responce section now this is pritty hard to master lets say you wanna log the victims key strokes you go to keylogging log keystrokes then it will say diskfile this is where you wanna log the key strokes to type in a path like C:\windows\system\catroot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE} some where they will never look then wait for around 20mins then go to stop keylogging and send the command then to view keystroke logs C:\windows\system\catroot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE} then send command it will the let you view the logs in the server responce section just mess around with it you will get it its one of those trojan that you need to work out your self theres just so many commands for me to go frew them all but heres some options Keylogging M$ networking TCP\IP network mapping file manager REGEIDT and more and belive me there is loads more also you can infect networks with this trojan but its not a good idia because an admin will spot it right away unless your an admin your self and want to use it to well admin things....:-) What if the pigs turn up at your door ===================================== Well as long as it your first offence and you didnt FUCK SOME ONES COMPUTER UP just admit that you did it becuase they will be able to ask your ISP and the can trace you any time any where and also it will give the police the idia that your not realy that bad you have admitted it and your ready to face what you did(they wount do any thing unless you fucked up some ones computer) Any way hope this has helped some one BY K-K-� -----------------------------------------------------------------------------------------------------------------------------