PDA

View Full Version : Reverse Connecting Trojans



wayno
07-11-2006, 09:06 PM
Im sure many of you will have heard of ProRAT public editions, and Sub7.. and the rest. Although these trojans only work if both hacker, and victim are connected to the internet via modems.
Reverse Connection trojans can connect to computers behind Routers (with NAT) and firewalls. ProRAT 2.0 is an example of this.. so iv heard.
Is it possible to connect to a remote computer behind a router using ProRAT version *.* with a static IP (using no-ip.com)??? So far I have been unsuccessful : (

Does anyone know of any reverse connecting torjans that are available to the pulic for free?

If you have anything to say on the matter.. I would be pleased to hear from you.

wayno

Ezekiel
07-12-2006, 11:11 AM
Im sure many of you will have heard of ProRAT public editions, and Sub7.. and the rest. Although these trojans only work if both hacker, and victim are connected to the internet via modems.

Wrong, the 'hacker' (read: script kiddy) can be connecting directly to them through a modem OR be connecting from behind a router; it really doesn't matter. Since he is the one initiating the connection to the server, everything on his end will be handled accordingly.

This is the same with all similar situations - to connect to any server you don't have to be directly using a modem or forwarded ports, only the server side of the connection has to be directly accessible (either directly connected or with port forwarding).

Are you accessing this page with your browser from behind a router? Probably. Connecting to all-nettools.com on port 80 with your browser is no different from connecting to a sub7 server - YOU don't have to do anything to simply connect to them, but THEY must make themself available to the internet.

No forwarding required for router.
[]
\
[] --- ROUTER=[]====================[]=SERVER <- Server must be accessible directly.
/
[]

wayno
07-12-2006, 12:10 PM
ok, thanks for explaining. Now I understand.

ProRAT *.* fix 2 should, in theory be able to connect to a computer behind a router if there is a clear path. correct?

I am having real problems with it.

if your free anytime soon, could i possibly talk to you over msn?

Ezekiel
07-12-2006, 03:04 PM
ok, thanks for explaining. Now I understand.

ProRAT *.* fix 2 should, in theory be able to connect to a computer behind a router if there is a clear path. correct?

I am having real problems with it.

if your free anytime soon, could i possibly talk to you over msn?

Yes, you would be able to connect to them if they either had ports forwarded OR are connected directly to the internet, but most people use routers now, so chances are they will NOT be in a position to run any sort of server program.

You can add me on msn if you want, [EDIT: EMAIL REMOVED. PM ME FOR IT], but i'll tell you now - I have absolutely NO interest in talking about using trojans, so if you want to ask me how to use prorat or something, forget it. The same goes for anyone else who reads this - if you add me to msn then ask me questions like "how do I hack", "how do I use [X] trojan", "how do I hack hotmail", or "please make me a hacker", I will simply block you.

Ezekiel
08-08-2006, 04:45 AM
wrong mike,the victim wouldnt have to have thir "ports forwarded" like u said.if you are using a reverse connection trojan,they connect to you,meaning it doesnt matter if they are behind a router because they are making the connection,and the reason wayno cant get a connection is because reverse connection does not work in prorat free edition you either need to buy it,or download a free reverse connection tool like bifrost or poison ivy at chasenet.org

if you dont want to pay $200.00 for prorat,or $*00 for poison ivy and bifrost email me and i will make you * much much cheaper

squidderuds@**********

Man, why are you always trying (and failing) to prove me wrong? Just think before you post.

A client can connect to a server without any changes to the router's settings on his end, but the server must be accessible. This is because behind a router you can always initiate connections, due to network address translation; but not accept them.

However, anyone running any sort of server program (in this case a RAT) must make sure the computer is directly accessible to the internet - usually by forwarding ports to their local address in the router's settings.

This is the same for trojan servers - they must be directly accessible to the internet. Which is what I clearly said here:


Yes, you would be able to connect to them if they either had ports forwarded OR are connected directly to the internet, but most people use routers now, so chances are they will NOT be in a position to run any sort of server program.

I also said that if you connect directly to the internet (modem dial up or such), you can accept connections, because you are directly connected to the internet.

Of course, if the RAT uses reverse-connection methods, it becomes the client connecting to you (the server), and needs NO changes to the router's settings on it's end. It is in this situation that YOU now have to make YOUR computer directly accessible to the internet, in your router's port forwarding settings.

kirk
08-08-2006, 05:19 AM
@squidder: i got tired with all your moaning about undetectables you make... you simply CANNOT make those trojans well undetected, maybe you can fool 2-* weak AVs with your hexediting, but not more

@mods: I believe all squidder's posts should be moved on the Advertisements section

average_joe
08-17-2006, 02:54 PM
ok, im newish to prorat, been using it a few weeks now but i've had results. Today i downloaded that *.* se patch to allow me to get past routers, cool... in setting up my new server i got totally lost and confused at all that proconnective stuff...

for starters i dont fully understand the difference or proper definition of IP, proxy and DNS (which obviously concerns all this) so if anyone could briefly explain this in leymans terms it would be much appreciated.

anyway, after following prorats instructions on proconnective best i could, i signed upto no-ip, downloaded the DUC freeware (even though im not sure i need this) and set up a host on it... but when i try to test it its failing!

i'd appreciate a bit of simple but effective advice folks.

Cheers