Jump to content

Basic Trojan in VB - Tutorial

Jett
Jett
in Computer Discussion

Featured Replies

Posted

As you have probably noticed, I'm new here.

 

I dunno where else to post or what to post about so I might as well post a tutorial I wrote for hackthissite.org...

 

http://www.hackthissite.org/articles/read/407/ - remove this link if you consider it advertising

 

And here's the article for those too lazy too sign up [sorry about the code formatting]:

 

Making a simple "Trojan Virus" in Visual Basic using Winsock

Published by: JettPrograms, on 2005-12-30 13:37:51

- Simple 'Trojan Virus' in Visual Basic -

 

In this tutorial you will learn about:

- Client/Server applications

- Winsock functions

- Left()

- Right()

- Select Case

 

First off you need to learn about client/server applications (note: this tutorial is for basic trojans and not for more advanced features like reverse connecting, those will be covered in a later tutorial if ever)Client/Server applicatons are broke into 2 parts, as one may guess. The client and the server. The client is the program that is connecting to the server and the server is accepting connections (although you can have it reverse connect to get by the router but that's not for this tutorial).

Basicly the server is 'listening' for a connection and once a client attempts to connect to the server, the server accepts the connection and boom a connection is made. Once connected, you can send data from the client to the server and vice versa. An example would be a simple chat

program where you're sending a message back and forth and the message is displayed on the other's screen.

 

Now how can we do something like this in Visual Basic? It's quite simple. Since this is a test I'm just going to have you create ONE application with two forms rather than two applications, but you can create two applications if you wish and just follow the general instructions of this tutorial.

 

Alright, first off we should create a listening server. Open up VB and make a standard EXE and add another form so you have Form1 and Form2. Rename the forms (change their .name properties) to frmClient and frmServer. Goto Project -> Components and put a check next to "Microsoft Winsock Control 6.0," if you do not have this control, do not worry! A simple google search for "MSWINSCK.OCX" will find you a download in no time (note: it goes in

%systemroot%/system32/). Alright, now hit OK.

 

What we just did: We added Microsoft's Winsock control to our toolbox. You can see that it is the last object on your toolbox (it has an icon that looks like 2 computers with a red wire connecting them)Add this control onto frmServer and change it's .name property to sckServer. Open up the code for frmServer and let's take a look at some of the subroutines/functions that the winsock control has. To do this, I usualy type in "sckServer." and a little list pops up with all the properties, etc. Here's one that looks interesting: "sckServer.Listen."

 

There aren't any arguments for it so we need to find a way to set what port it's listening on or else it will error. Luckily another thing that I see in the list is "sckServer.LocalPort." Let's try to edit this to be what port we want. I'll be using 1234 for this example.

 

Let's add some code to the Form_Load() subroutine of frmServer to do what

 

we just found out:

 

Private Sub Form_Load()

sckServer.LocalPort = 1234

sckServer.Listen

End Sub

 

Goto Project -> Project 1 Properties... and change the Startup Object to frmServer. Save the program and run it. It seems to work fine, right? But there's nothing connecting to us so there's nothing to do. Even if they did try to connect to us, it would reject it because all we're doing is listening, not accepting.

 

Let's add in accepting. I see that there is a subroutine that is called whenever someone tries connecting. It's called "ConnectionRequest:"

 

Private Sub sckServer_ConnectionRequest(ByVal requestID As Long)

 

End Sub

 

Well it's very simple to make it accept so here it is:

 

Private Sub sckServer_ConnectionRequest(ByVal requestID As Long)

sckServer.Accept requestID

End Sub

 

Now let's make our client...

 

Add a winsock control to frmClient and name it sckClient. Add 3 text boxes and 2 command buttons. Name them accordingly:

 

Current Name: New Name: New .caption/.text Value

Text1: txtIP: IP Address

Text2: txtPort: Port

Text3: txtMsg: Type your message here

Command1: cmdConnect

Command2: cmdShowMsg

 

Now here's the commented code for this page:

 

Private Sub cmdConnect_Click()

'Connect using sckClient

sckClient.Connect txtIP.Text, txtPort.Text

End Sub

 

Private Sub cmdShowMsg_Click()

'Send data to the server containing msg| and then the message you wish to show

sckClient.SendData "msg|" & txtMsg.Text

End Sub

 

Private Sub sckClient_Connect()

'Let us know that we're connected!

MsgBox "Connected!", vbInformation, "Client"

End Sub

 

Private Sub sckClient_Error(ByVal Number As Integer, Description As String,

 

ByVal Scode As Long, ByVal Source As String, ByVal HelpFile As String,

 

ByVal HelpContext As Long, CancelDisplay As Boolean)

MsgBox Description, vbCritical, "Error"

End Sub

 

Surprisingly enough, that's it for the client.

 

Now let's go back to the server and have it accept data...

 

In frmServer:

 

Private Sub sckServer_DataArrival(ByVal bytesTotal As Long)

'Define variables:

Dim strData As String, strCommand As String, strArgument As String

'Get the data recieved and put it into strData:

sckServer.GetData strData

'Grabs the left 4 characters of strData (EG: "msg|"):

strCommand = Left(strData, 4)

'Grabs everything to the right of the command (EG: "This is a test" in

 

the string "msg|This is a test"):

strArgument = Right(strData, Len(strData) - Len(strCommand))

Select Case strCommand

'Sent the command to show an error message, show the error message:

Case "msg|":

MsgBox strArgument

'[add more commands using this format]

End Select

End Sub

 

Well, that all works and everything is fine! But why isn't frmClient showing up? That's because we have frmServer set as our startup form. Just add this code into frmServer's form_load subroutine:

 

frmClient.Show

 

Alright. We test it out and try to connect to ourselves ("127.0.0.1") and we get an error on this line:

 

sckServer.Accept requestID

 

apperently it isn't working how we want it to, but not to fear! Just add this line of code above it to Close the server (stop it from listening) and then accept the connection:

 

sckServer.Close

 

OK. We test it out and it works fine! We close the program because we're done and we go back to the source and now we're going to try out some other stuff.... actualy, take off the "we," this is extra practice for you!

 

Extra practice:

 

Add a button onto the client that closes the current connection (HINTS:

 

sckClient.Close and sckServer_Close()) (don't forget that you need to start

 

listening again after it closes or else it wont accept connections)

 

Add in more functions for the client! Keep the commands 3 letters long with the "|" character at the end of them. A few ideas are "del|" to delete a file and "cpy|" to copy itself to a specific directory.

 

Happy programming! Full source code included below for you lazy people.

 

'''''frmClient:'''''

 

Private Sub cmdConnect_Click()

'Connect using sckClient

sckClient.Connect txtIP.Text, txtPort.Text

End Sub

 

Private Sub cmdShowMsg_Click()

'Send data to the server containing msg| and then the message you wish

 

to show

sckClient.SendData "msg|" & txtMsg.Text

End Sub

 

Private Sub sckClient_Connect()

'Let us know that we're connected!

MsgBox "Connected!", vbInformation, "Client"

End Sub

 

Private Sub sckClient_Error(ByVal Number As Integer, Description As String,

 

ByVal Scode As Long, ByVal Source As String, ByVal HelpFile As String,

 

ByVal HelpContext As Long, CancelDisplay As Boolean)

MsgBox Description, vbCritical, "Error"

End Sub

 

'''''frmServer:'''''

 

Private Sub Form_Load()

sckServer.LocalPort = 1234

sckServer.Listen

frmClient.Show

End Sub

 

Private Sub sckServer_ConnectionRequest(ByVal requestID As Long)

sckServer.Close

sckServer.Accept requestID

End Sub

 

Private Sub sckServer_DataArrival(ByVal bytesTotal As Long)

'Define variables:

Dim strData As String, strCommand As String, strArgument As String

'Get the data recieved and put it into strData:

sckServer.GetData strData

'Grabs the left 4 characters of strData (EG: "msg|"):

strCommand = Left(strData, 4)

'Grabs everything to the right of the command (EG: "This is a test" in

 

the string "msg|This is a test"):

strArgument = Right(strData, Len(strData) - Len(strCommand))

Select Case strCommand

'Sent the command to show an error message, show the error message:

Case "msg|":

MsgBox strArgument

'[add more commands using this format]

End Select

End Sub

netcode could be cleaner, for example i dont see the purpose of "msg|", is this so n00bs that just downloaded WPE could detect it easier?

 

or a waste of 3 KB?

 

just do

 

dim rofl as string

dim ident as string

winsock1.getdata rofl

 

ident = left(rofl, 1)

 

select case ident

 

case chr(1)

msgbox rofl

 

case chr(2)

shutdownfunction()

 

end select

 

or some shit.

 

encrypting the text with a simple encrypt function wouldnt hurt any either, and i suggest using C++ for your net TROJAN SERVER because VB6 runtimes fuck it up.

 

people who installed VB6 or the runtimes generally arent dumb enough to accept random EXEs

  • Author
netcode could be cleaner, for example i dont see the purpose of "msg|", is this so n00bs that just downloaded WPE could detect it easier?

 

or a waste of 3 KB?

 

just do

 

dim rofl as string

dim ident as string

winsock1.getdata rofl

 

ident = left(rofl, 1)

 

select case ident

 

case chr(1)

msgbox rofl

 

case chr(2)

shutdownfunction()

 

end select

 

or some shit.

 

encrypting the text with a simple encrypt function wouldnt hurt any either, and i suggest using C++ for your net TROJAN SERVER because VB6 runtimes fuck it up.

 

people who installed VB6 or the runtimes generally arent dumb enough to accept random EXEs

 

Maybe you didn't read the name of the topic:

 

Basic Trojan in VB

 

Maybe if it said:

 

Trojan in C++

 

then the encryption and using C++ for the server might have actualy been used.

 

Do you really think that this is supposed to be a full tutorial? Do you think that anyone could make a half-decent trojan using this tutorial? Hell no. It was meant as an introduction to client/server applications being used in a malicious manner.

 

jett was shit on socomcodes ahah

 

A) That made no sense.

B) Do I know you?

C) I'm just going to make the assumption that you're from SOCOMCodes because you type like all the other stupid-asshole-noobs there.

 

edit: Scratch that, Crezza.

 

After going through some of your dumbass posts on socomcodes, it seems that you haven't posted a single helpfull post at all. On top of that, you type like you're going to get punched in the face if you type a single sentence correctly, since none of your posts ever make sense.

 

I'm also feeling the immense amount of spam:

 

http://socomcodes.com/vb/showpost.php?p=334292&postcount=71

 

I can take a few dumbass comments and not consider those spam, but when going through yours all I really see is "OK!!!!!!!!!!!!!!!!!," and I know that the !'s are just because of the 10 character pre-requisit (sp?).

  • 2 weeks later...

Hey Jett, nice tutorial.

 

I've tried it out, but eventually when I try to run it

 

(after this):

sckServer.Close

 

OK. We test it out and it works fine! We close the program because we're done and we go back to the source and now we're going to try out some other stuff.... actualy, take off the "we," this is extra practice for you!

 

I get an error saying there is no buffering space available or sumthing.

 

Perhaps I copied some of the code wrong?

Guest
This topic is now closed to further replies.
Go to topic listing