Unthinkable Hacking Techniques !!!

Discussion in 'Ethical hacking Tips' started by Bhullarz, Oct 28, 2008.

  1. Bhullarz

    Bhullarz New Member

    Joined:
    Nov 15, 2006
    Messages:
    253
    Likes Received:
    13
    Trophy Points:
    0
    Occupation:
    System Manager
    Home Page:
    http://www.tutors161.com
    Bro! I do understand that known trojans are easy to detect, but what about those which are yet to be discovered?
     
  2. reddyschintu

    reddyschintu Banned

    Joined:
    Nov 11, 2008
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    0
    Occupation:
    student
    Location:
    karimnagar
    Home Page:
    http://v2tricks.blogspot.com/
    I am talking about the common cracks which we get from forums and websites, which are zipped with a virus. When we open the zip file we get infected, so to overcome that problem we have to make an ISO of the zip file, open it as an image drive, take the crack we need and leave the rest in the drive itself. For your kind info, from virtual drives, unless there is an autoplay, no virus spreads to our system.


    Decoding in the sense of the above process, and I was running out of time so didn't explain everything over there.


    And you said hackers send malicious code to servers. That's not right. OK, if they send it they are not said to be hackers. Please know the meaning of hack and then talk about hackers.
     
  3. Bhullarz

    Bhullarz New Member

    I think you really need to read my other thread regarding trojans, "Trojan-Pedia", in which I have just explained how your machine can be used by hackers and how this machine can now be a server too. If you know about DOWNLOADER Trojans, using which viruses are updated before the anti-viruses detect them, in that case I think the HACKER himself has to update the VIRUS code and has to send it through the DOWNLOADER's server/client program.
     
  4. shabbir

    shabbir Administrator Staff Member

    Joined:
    Jul 12, 2004
    Messages:
    15,375
    Likes Received:
    388
    Trophy Points:
    83
  5. Bhullarz

    Bhullarz New Member

    I think this is one of the good discussions on go4expert.com. If some other members have some viewpoints, I invite all to share them here regarding TROJANS / HACKING / HACKERS. It would be a great source of knowledge for all.
     
  6. happyz

    happyz New Member

    Joined:
    Nov 18, 2008
    Messages:
    26
    Likes Received:
    0
    Trophy Points:
    0
    This is really good info
     
  7. shabbir

    shabbir Administrator Staff Member

  8. TriG0rZ

    TriG0rZ New Member

    Joined:
    Oct 2, 2008
    Messages:
    88
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    UK
    feck me, thanks for the info man :)
     
  9. coderzone

    coderzone Super Moderator

    Joined:
    Jul 25, 2004
    Messages:
    736
    Likes Received:
    38
    Trophy Points:
    28
    Really good information, but you could have put it all in one post rather than in many posts.
     
  10. Bhullarz

    Bhullarz New Member

    Thank you. I think the discussion we all had here made the post WORTHY.

    Thanks to all, who participated.
     
  11. kisanka

    kisanka New Member

    Joined:
    Dec 31, 2008
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    0
    Wow, really nice thread. Even nicer if someone continues this.
     
  12. Bhullarz

    Bhullarz New Member

    Yeah! This thread is still open. Anyone who wants to ask anything about hacking techniques or has anything to say on this topic is invited....
     
  13. rajdaan

    rajdaan New Member

    Joined:
    Mar 3, 2009
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    0
    good..........................
     
  14. we3z

    we3z New Member

    Joined:
    Apr 3, 2009
    Messages:
    1
    Likes Received:
    1
    Trophy Points:
    0
    Hi,

    many things said in this thread are just urban legends, some are pure nonsense and most of the information you provide is a few years old. Maybe you should first of all define what you are talking about. Trojan horses are a wide topic ;)


    I. Trojan horses used by scriptkiddies apply to the rules you tried to set up here. They will be detected by AV (even if packed WinPEs are used as the packer sigs are known) and as long as these scriptkiddies do not have serverbuilder programs with really good advanced polymorphism technologies they will not get past your AV (you should update signatures on a regular basis). These are only a problem if you download stuff from websites you shouldn't trust.


    II. Trojan horses made by someone who is older than 14 and who does not just want to play superhacker will mostly not apply to the things said in this thread. AVs will not catch you if you write your own trojan horse and pack the WinPE with your own packing scheme. They just scan for signatures, and the crap they call heuristic algorithms isn't worth the hdd space. It scans for API calls and tries to figure out what the program is doing. Ha ha. There are many ways to circumvent this, e.g. by packing the PE like said above.

    These trojans are designed with stealth in mind so there will not be a BIGFATROJANEXECUTABLE.EXE in your C: root directory - there will be no exe at all. No dll. Nothing.
    Good trojans will get admin privs if your win user does not have them (most do) by exploiting local vulns and then they just inject a system driver. Drivers run in ring0 (which means kernel-mode!) and when this happens your system is lost. Lost.
    If you manage to place ring0 code you can alter anything. You want to hide files? Fine, just let the kernel say there is no TROJAN.EXE in your system whenever it stumbles upon one. Want to hide a process in memory? All right, let's just forget our process during process enumeration and add the cputime it consumed to some other process. You want to know what the user is typing? Ok, hook the keyboard driver and copy what you want. You control everything on the lowest level.
    Most of those 'AntiHacker OLOLOL AV Superscanner of Doom' crap just queries the kernel for a list of files, processes or memory to scan. An infected kernel will hide your trojan so deep inside your systems that the AV will not even know that there is something to scan.

    Ok, so you might say your system is infected but the attacker will not get past your twenty firewalls (windows desktop firewalls haha). Ok, if our trojan is using the windows network stack it must deactivate the firewalls/AVs/whatever before sending data or connecting to the controller. Every user who is not completely dumb will see this and know he has been owned - not good.
    But hey, we are ring0, right? What can we do about it? We just build our own IP packets and send them down the wire - not touching that windows stack (that's being watched by your firewalls) at all. It's a little work to implement your stack but so we are able to even create a virtual network card (we could even get our own IP address from a DHCP) because we can choose whatever MAC we want. Aah, freedom. Promiscuous mode? Not a problem.
    An attacker sitting inside your kernel will let you know what he wants you to know. No AV, no AntiHack, no chance - every information your system reports to you comes from the kernel. You're owned and you do not even know about it.
    Your only way to know you're hacked is to get another system into your network, dump the traffic and take a close look at the traffic. Good hackers will hide inside the standard traffic your system pollutes to the network.


    So, please do not post things like "if you're the master the trojan is a slave" - as long as you are truly a master.
     
    neo_vi likes this.
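
Added example, not part of the original post: a minimal sketch of the off-host check post 14 describes, comparing flows captured by a second machine against what the suspect host itself reports. The record layout, names and all sample data are constructed for illustration; addresses are documentation ranges.

```python
from collections import namedtuple

# One flow as seen by a passive capture box on the switch/mirror port.
Flow = namedtuple("Flow", "src_mac src_ip src_port dst_ip dst_port proto")

def cross_view(host_macs, host_conns, tap_flows):
    """Return (unknown_mac_flows, unreported_flows).

    host_macs  : MAC addresses the inventory lists for this switch port
    host_conns : set of (src_ip, src_port, dst_ip, dst_port, proto) tuples
                 that the host itself reported for the capture window
    tap_flows  : Flow records captured off-host for the same window
    """
    known = {m.lower() for m in host_macs}
    unknown_mac, unreported = [], []
    for f in tap_flows:
        key = (f.src_ip, f.src_port, f.dst_ip, f.dst_port, f.proto)
        if f.src_mac.lower() not in known:
            # A sender the inventory does not know: e.g. a virtual NIC.
            unknown_mac.append(f)
        elif key not in host_conns:
            # On the wire, but absent from the host's own connection table.
            unreported.append(f)
    return unknown_mac, unreported

# Constructed sample data (made-up MACs, documentation IP ranges).
HOST_MACS = ["00:00:5E:00:53:10"]
HOST_CONNS = {
    ("192.0.2.10", 49152, "198.51.100.7", 443, "tcp"),
    ("192.0.2.10", 49153, "198.51.100.8", 53, "udp"),
}
TAP_FLOWS = [
    Flow("00:00:5e:00:53:10", "192.0.2.10", 49152, "198.51.100.7", 443, "tcp"),
    Flow("00:00:5e:00:53:10", "192.0.2.10", 49153, "198.51.100.8", 53, "udp"),
    Flow("00:00:5e:00:53:10", "192.0.2.10", 50001, "203.0.113.5", 443, "tcp"),
    Flow("00:00:5e:00:53:99", "192.0.2.77", 40000, "203.0.113.5", 80, "tcp"),
]

if __name__ == "__main__":
    unknown_mac, unreported = cross_view(HOST_MACS, HOST_CONNS, TAP_FLOWS)
    for f in unknown_mac:
        print("unknown MAC on host port:", f.src_mac, f.src_ip, "->", f.dst_ip)
    for f in unreported:
        print("flow not reported by host:", f.src_port, "->", f.dst_ip, f.dst_port)
```

Short-lived connections can fall between two host snapshots, so an unreported flow is a lead to investigate rather than proof. Traffic tunnelled inside connections the host does report is not caught by this comparison.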
  15. TM_0034

    TM_0034 New Member

    Joined:
    Mar 25, 2009
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    0
    Hi! Can anyone help me learn how to hack an ID? My old Yahoo ID has been hacked and I want to take it back if possible. That ID is my first ID in Yahoo mail and messenger, and all original details are there. Please, would whoever knows how to hack an ID kindly share their knowledge on how to do it? Thanks a lot in advance.
     
  16. !Newbie!

    !Newbie! New Member

    Joined:
    Apr 13, 2009
    Messages:
    128
    Likes Received:
    3
    Trophy Points:
    0
    Location:
    Around
    I am new here and find this discussion quite interesting, will try and contribute...:kid:
     
  17. LuckyWorker

    LuckyWorker New Member

    Joined:
    Apr 26, 2009
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    0
    The software that you download from warez sites and from p2p is most likely a trojan program imitating legitimate software. I had a habit of doing that when I was younger. I used VB or C++ to create remote admin tools. However, I got a lot of problems if there was a firewall installed. Some of my programs could bypass ZoneAlarm though.
     
  18. opareadams

    opareadams New Member

    Joined:
    Apr 27, 2009
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    0
    Occupation:
    Student
    Location:
    Accra, Ghana
    How can I create a keygen??
     
  19. Burillo

    Burillo New Member

    Joined:
    Apr 28, 2009
    Messages:
    8
    Likes Received:
    1
    Trophy Points:
    0
    Location:
    Hell
    This thread has its fair share of bullshit but nevertheless is very informative, especially that post by we3z about kernel-level trojans. So I'll just put my two cents into this discussion.

    So, first of all, Bhullarz, no offense, but your "HACKERS", "VIRUSES", "TROJANS" and all the other scary words capitalized look like cheap advertising :D
    On a serious note, IMHO you're both right and wrong at the same time. It's true that new malware appears at a much higher rate than it goes into the databases of the AV software (especially the free ones), but we all know that a pretty high percentage of this malware is being detected by heuristics and "decoy" computers that are used by the AV companies for automated malware detection.
    And despite your ravings about infected cracks and keygens, the truth is that most of the cracks and keygens are clean if you download them from the right sources. On any serious forum (where users are computer enthusiasts) anyone who posts a trojan will sooner or later (probably sooner than later) get detected, banned and have his message deleted. Same goes for any serious torrent tracker - if something is reported as fake or trojan - it gets checked immediately by the community - and trust me, most users of such websites aren't exactly dumb computer illiterate leechers. The real danger comes in "true" filesharing networks like ed2k or limewire - but the thing is, almost every trojan I met there had a fixed size and was easily detectable once you know what it looks like. A pretty much safe practice would be using some kind of sandboxing software, be it a virtual machine or Sandboxie.
    As for that firewall thing... A few posters made some valid points about firewall penetration techniques, and there even is a website that concentrates on exactly that - they write "leaktests" and test them against popular firewall programs (just google Matousec). I myself use the firewall that has been stably in the first five for several years now and don't use an antivirus at all. The most valid point was that if the trojans were to connect - they will get detected. This is not true if they were using a legitimate program (like IE) to connect, but that would be true if the firewall was able to detect potentially dangerous actions. For example, I downloaded a keygen. I know it shouldn't try and execute IE, don't I? That's the whole thing, it's that simple. Of course, that won't help if the ring0 trojan was already there, but when it gets installed it will install a driver and that will be detected by the firewall! So proactive security (and your own vigilance to unusual behaviour) might be your last chance if signature-based security fails.

    PS this post is no bullshit - I can't count how many viruses I've blocked when they tried to own me, and I even manually deleted several trojans from my system using solely my firewall and some extra tools (HijackThis, Sysinternals stuff and others). Yes, I shouldn't have allowed them in the first place but sometimes I make mistakes too :D
     
    shabbir likes this.
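
Added example, not part of the original post: the two behaviour rules post 19 relies on (a freshly downloaded program should not launch a browser, and should not install a driver), evaluated over process events. The event fields, directory list and all sample paths are hypothetical and constructed for illustration; this is not the format of any real firewall or logging product.

```python
import ntpath  # Windows path handling that also works when run on other OSes

BROWSERS = {"iexplore.exe", "firefox.exe"}      # programs normally allowed out
UNTRUSTED_DIRS = ("\\downloads\\", "\\temp\\")  # assumed drop locations

def from_untrusted_dir(path):
    """True if the executable lives under a directory treated as untrusted."""
    p = path.lower()
    return any(d in p for d in UNTRUSTED_DIRS)

def evaluate(events):
    """Return (rule, actor, target) for each event a behaviour blocker should stop."""
    alerts = []
    for ev in events:
        actor, target = ev["actor"], ev["target"]
        if not from_untrusted_dir(actor):
            continue  # only programs from untrusted locations are judged here
        if (ev["type"] == "process_start"
                and ntpath.basename(target).lower() in BROWSERS):
            # Borrowing a trusted browser to get through a per-program firewall.
            alerts.append(("untrusted-launches-browser", actor, target))
        elif ev["type"] == "driver_install":
            # Last point to stop the program before it has kernel code loaded.
            alerts.append(("untrusted-installs-driver", actor, target))
    return alerts

# Constructed sample events (hypothetical field names and paths).
IE = r"C:\Program Files\Internet Explorer\iexplore.exe"
KEYGEN = r"C:\Users\demo\Downloads\keygen.exe"
EVENTS = [
    {"type": "process_start", "actor": r"C:\Windows\explorer.exe", "target": IE},
    {"type": "process_start", "actor": KEYGEN, "target": IE},
    {"type": "driver_install",
     "actor": r"C:\Users\demo\AppData\Local\Temp\setup.exe",
     "target": r"C:\Windows\System32\drivers\example.sys"},
    {"type": "process_start", "actor": KEYGEN,
     "target": r"C:\Windows\System32\notepad.exe"},
]

if __name__ == "__main__":
    for rule, actor, target in evaluate(EVENTS):
        print(rule, "|", ntpath.basename(actor), "->", ntpath.basename(target))
```

As the post itself notes, these checks only help before kernel code is loaded; afterwards the events themselves can no longer be trusted.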
  20. udefined

    udefined New Member

    Joined:
    Jul 12, 2009
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    0
    No man, I'm 100% safe from hackers as I'm an ethical hacker .......................
    and I have knowledge of all security measures and how to encrypt data over the net
     
