file access auditing
+ Reply to Thread
Results 1 to 15 of 27

Thread: how to create a detectable trojan undetectable?

Hybrid View

  1. #1
    Join Date
    Sep 2005
    Posts
    19

    how to create a detectable trojan undetectable?

    can some one help me i want to make a detectable trojan undetectable how do i go about doing it. if someone could help me plzzz.

  2. #2
    Join Date
    Sep 2005
    Posts
    2,050

    Undetectable

    Quote Originally Posted by humza
    can some one help me i want to make a detectable trojan undetectable how do i go about doing it. if someone could help me plzzz.
    To make a trojan undetectable to the antivirus, you need to know assembly code. The way you would make it undetectable would be:

    *. Somehow find the strings of code, or "signatures" included in all antivirus programs to detect viruses and trojans.
    2. Find the signature of the trojan you wish to make undetectable,
    *. Try to find this string of code inside your trojan by splitting it.
    4. Then disassemble it and insert a few extra bits of code that would not affect the program, but would change the detectable part of code enough to make it unrecognisable to the AV.

    Now, the trojan would be undetectable, because you have modified it enough for it not to be recognised by the antivirus. Of course, this is an extremely complex thing to attempt, and I don't even know any assembly or machine code, so there are definitely more things you would have to do than I have described, I am just not experienced enough to know about this. So I doubt you would be able to make a trojan undetectable, to do that you have to know machine code and assembly, which is much harder than normal programming languages like c++ because machine code is directly interpreted by the processor, you have to know about how antivirus programs work, and you have to have the right tools to use, like disassemblers etc. So basically, it's not as simple as "here, download this program and it will make all your trojans undetectable", you have to have a lot of knowledge and experience to be able to modify binary programs. If you really wanted to know, you could probably ask some of the admins and moderators of this forum, they might know, although they wouldnt help you if you said you were doing this to a trojan.

  3. #3
    Join Date
    Jan 2006
    Posts
    121

    Thumbs up -

    i read a post by carlo and this is actualy his and the title was "Make your trojans undetactable by Hexing Malware" find that post. maybe that will help you.
    WAFFLES?!?!? OMFG WHERE?!!?

  4. #4
    Join Date
    Sep 2005
    Posts
    2,050

    Undetectable

    Quote Originally Posted by Alucard
    i read a post by carlo and this is actualy his and the title was "Make your trojans undetactable by Hexing Malware" find that post. maybe that will help you.
    Also, if you wanted to make any program like trojan, keylogger etc. undetectable to all antivirus programs, then you could make your own packer from this tutorial:

    [url]http://dasomnetwork.com/~leedw/pub/writing_your_own_packer.html[/url]

    If you haven't got a good knowledge of programming yet then you have no chance following this tutorial, a packer is quite a complex program. But if you could follow it through, the packer you would make would have the ability to make any program at all undetectable to all antiviruses, unless you shared it with people and got it added to the detections. Also, you could follow carlo's post about "hexing your malware", which is probably simple enough for any n00b with a hex editor to follow. His post is here:

    [url]http://www.all-nettools.com/forum/showthread.php?t=222*[/url]

    or the original post he took it from is here:

    [url]http://www.governmentsecurity.org/archive/t*466*.html[/url]

  5. #5
    Join Date
    Jan 2006
    Posts
    153
    thinking outside the box for a moment, why not program something that configures windows remote desktop for your access needs? Given this idea is OS dependant, but antivirus shouldnt pick up a program that simply calls on part of the built in programming of the operating system. Think of Remote Desktop as a windows built in trojan.

    Going with that route or one similar I think you'll find it easy not to set off too many alarms.

    Hope that helps.
    [url]www.informationleak.com[/url]

  6. #6
    Join Date
    Jan 2006
    Posts
    9
    not entirly linked to making the trojan undetectable but...

    if you got into the computer initally (telnet or whatever you choose) then dropping a virus that would then disable or kill the antivirus then going about your original plan without needing to know ASM or having to make your own packer (given you dont have the programming experience or time).

    But if you do have the time...take the other guys's advice of making your own creation...since its nicer to have your own creation instead of piggy backing off of someone elses work :P
    Solus fines finium , es fines finium vos partum
    The only limits, are the ones you create

  7. #7
    Join Date
    Jan 2006
    Posts
    1
    wwwwwwwwwwwwwwaaaaaaaaaaaaaaaarrrrrrrrrrrrrrrr

  8. #8
    Join Date
    Sep 2005
    Posts
    2,050

    spam

    Quote Originally Posted by sansvirus
    wwwwwwwwwwwwwwaaaaaaaaaaaaaaaarrrrrrrrrrrrrrrr
    You went through the whole process of joining this forum just to say THAT? Man, you must have way too much time on your hands if you are signing up to forums just to post some random spam.

  9. #9
    Join Date
    Apr 2007
    Posts
    41
    Quote Originally Posted by sansvirus View Post
    wwwwwwwwwwwwwwaaaaaaaaaaaaaaaarrrrrrrrrrrrrrrr
    hahah your right mike i think he went throught to much trouble just to tell people war lol he must be damn bored.

  10. #10
    Join Date
    Nov 2006
    Posts
    34
    making trojans undetectable is simple once u get the hang of it,ive been doing it for a few years,here is a scan for a bifrost server i undetected.If anyone is interested in a undetected server from me email me, [email]squidderuds@**********[/email]

    [IMG]http://i*7.tinypic.com/2rxfekl.jpg[/IMG]

  11. #11
    Join Date
    Aug 2006
    Posts
    233
    there is a program that i think is one of the best out there to make a trojan or keylogger undetectable.

    your Homework is " Themida"

    Also for the newbiews,windows XP has it's own packer and is pretty good.
    jabber: gh05t*d@jabb*r.org Email: gh05t*d@hack.cl

    Internet security is as real as your Dreams !

  12. #12
    Join Date
    Nov 2006
    Posts
    34
    lol themida adds a megabyte to your servers,and also windows built in "packer" isnt a packer,its a binder,called iexpress,and it wont make your files undetectable,possibly at scan time,but not at runtime.

  13. #13
    Join Date
    Jun 2007
    Posts
    2

    help me!!!

    need to create a undetectable virius but i am a nube

  14. #14
    Join Date
    Jul 2009
    Posts
    2
    removing is one thing, but detection is another thing. It also really depends on which trojan and which OS. There is a trojan for unix/linux which is very hard to detect. As far as i'm aware, theres only one tool to find that specific trojan. Its a very rare trojan, actually its a lot more than a simple trojan. It does not sit and listen on a port like other trojans, it does not show up on any process listing, it only shows up with its antidode. This trojan is called KIS (kernel intrusion system) made by 0ptyx. Its by far the most advanced trojan tool i have ever seen. It acutally sits inside the kernel itself. Even IDS cannot pick up the setup of this trojan. On the other hand, normal users have nothing to fear, since the trojan KIS is used very rarely and its target is mainly very high security boxes. I have never heard of this trojan infecting a home user, or even a small private company.

    For the normal common trojans on windows systems, there are some excellent tools to remove them. I always recomend a look at aswell as getting adaware. Netstat is also helpful, since it shows which ports are in st On the other hand, on windows it normally takes user error to get infected by a trojan, as in lack of antivirus, lack of knowledge, by just clickin on files where you have no idea what they are etc.....
    Last edited by gordo; 07-26-2009 at 10:47 AM.

+ Reply to Thread

Similar Threads

  1. Undetectable Trojan!
    By carlo in forum Internet Privacy
    Replies: 40
    Last Post: 12-12-2008, 08:19 PM
  2. Replies: 1
    Last Post: 07-23-2008, 03:38 PM
  3. Is ardamax undetectable?
    By shaf_9110 in forum Viruses and Trojans
    Replies: 12
    Last Post: 08-06-2007, 11:28 AM
  4. Replies: 3
    Last Post: 12-02-2005, 10:55 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts