RE: Creating a Custom Trojan after Social Engineering

["Todd Towles" <toddtowles () brookshires com>]

http://ntsecurity.nu/papers/acktunneling/

NetCat can be set to call out to a pre-defined IP, I believe.

Search for Rx.exe as well - Windows Universal Reverse Shell Trojan

> -----Original Message-----
> From: Eric McCarty [mailto:eric () piteduncan com] 
> Sent: Thursday, January 13, 2005 12:30 PM
> To: Slider Slider; pen-test () securityfocus com
> Subject: RE: Creating a Custom Trojan after Social Engineering
>
> VNC offers the option to reverse connect using the -connect 
> command line.
>
> Here is an example of using SSH and VNC. Not quite a remote 
> access Trojan but very simple.
>
> http://faq.gotomyvnc.com/fom-serve/cache/128.html
>
>
>  
>
> -----Original Message-----
> From: Slider Slider [mailto:0bscur3 () gmail com]
> Sent: Wednesday, January 12, 2005 3:34 PM
> To: pen-test () securityfocus com
> Subject: Creating a Custom Trojan after Social Engineering
>
> In the middle of a pen test and I have sucessfully SE'd some 
> employees to visit a website that I created to download a 
> keylogger. I was able to get a lot of information. I am 
> working on the firewall and there are no open ports or 
> services running, strictly internet access....so the thought....
>
> I want to exchange the executable keylogger for a trojan that 
> will connect to me from the client giving me remote access 
> control.  I have sampled a few, but can't find any custom 
> programs where I can tell it what to do and when to uninstall.
>
> Has anyone tried this?  
>
> 0bscur3