Security Basics mailing list archives

Re: Looking for a Trojan


From: "Adam Pal" <pal_adam () gmx net>
Date: Tue, 20 Jan 2009 09:59:20 +0100

Hi Juan,

Presuming this is NOT a request for "how do I write a good trojan", it should be enough as proof to have undetected 
software you can control. The Windows kernel can be a good place for such software, and obfuscating the code can help you 
to avoid being easily detected. 
Most AVs have the same process no matter what version they are running, so basically you can let your program close the 
process - which it can do because it is on the kernel layer.
I think this book should provide a good resource to start with:
http://www.informit.com/store/product.aspx?isbn=0321294319

...if you don't want to spend the time on it, unfortunately there are enough trojan kits; they are not cheap, but not 
too expensive either.

cheers!
Adam Pal

-------- Original Message --------
Date: Mon, 19 Jan 2009 09:18:07 -0800 (PST)
From: Juan B <juanbabi () yahoo com>
To: security basics <security-basics () securityfocus com>
Subject: Looking for a Trojan


Hi,

I got myself into an argument with a colleague of mine about trojans. He
says that nowadays all old trojans can be detected as long as the AV
software is updated. I need to show him he is wrong.
I am looking for a Trojan or rootkit to be installed locally on a virtual
machine running XP. The machine has AV software and it will be accessed via
the internet. I need the Trojan to supply me screenshots of the victim
computer, maybe to send them to an e-mail address etc. The trojan will need to
disable the AV software (which I don't know which version is installed) or
just avoid detection by the AV software. I know that trojans like SubSeven,
Back Orifice etc. will be detected immediately by AV software so they don't
help much.

Does someone know of such a trojan/RAT?

thanks a lot !

Juan


      


