EXPERIMENT NO:10

AIM : To understand and mimic Trojan Horse attack. Theory: A Trojan is a program that allows a hacker to have remote access to source target system .They can be either stand-alone files or embedded into another more familiar files such as games, mp3, files, photos , etc .Once the victim has opened the Trojan file, the maker can have file access to the victims machine. Eg : add/delete/modify files, execute commands, use the PC for another attacks, run password stealers, install viruses, etc. SUB7 is software used to create Trojan horse attacks. It is also called Remote Access Tools (RAT).Two PCs are required i.e., hacker and the victim. By default, the foll steps are performed on the hacker unless mentioned otherwise.
1.

Install SUB7

a) Run SUB7.exe b) Password is majed

c) d)

Click install folder sub7 legend is created Open the folder sub7 legend. It contains edit server: used to create.exe file that will be installed on victims machine.

Key logger click start logging. It prompted download all file on the victim, let your partner. Server.exe: Readymade server file.

Sub7.exe: client file that is used to control the victims machine.

2. Create the server file: a) Double click on server.exe

b)

Open server.exe that is in sub7 legend folder thru clicking on the browser button in edit server an selecting its path.

c) Click Read current setting d) Check the box next to blind server with.exe file and select sharjah.exe from the desktop. e) Click on save a copy and name it sharjah screen server.

3. Send the file to the victim: Thru USB, send file to the victim machine. Delete the file from USB. Make sure the victim runs it.

4. Start: a) Run subserver.exe

b) c)

Write the victims IP address, then click connect Click on connection from the menu list to the left click on PC info then retrieve .Note the computer name, CPU, disk size Click on msg &keep from menu list to the left open a txt file and type anything. Click on send keys. Click on chat click on chat with victim and chat with victim. Use other chat

d)

options. Click on matrix and type anything. Let the victim try to type can be.
e)

Click on Advance from the menu list to the left. Click on find files .Search for .jpg files on partition. Then import the list for the file manager have you found log files? Download it to your machine. Outside the sub server, window, create a notepad doc & save it on your PC. In sub7 window click on Misc from menu list to the left click on file manager. Upload the doc files you created to the desktop of the victim. Does he set there? On the hacker machine select the file simple.txt from your files. Click on clipboard manager. Let the victim copy any text line then clickset clipboard text. Se the victim pose what does he see?

f)

g)

h) Remove all created & imported files. On the hacker: the sub7 legend folders.

On the victim: all the changes made to simple.txt the sharjah.exe file.

Preventing Malicious Attacks

Preventing attacks from adware, spyware, trojan horses, keyloggers and other parasites is essential. You can greatly reduce your risk of infection with education, the right combination of software and good computer habits.

Education
Their counting on your lack of knowledge to infect your system. Educate yourself, family members and friends.

Software Programs
To reduce your risk of infection install and maintain protective software applications. Install a personal firewall to protect your system from unauthorized access. Install a spyware scanner to scan for adware, spyware and other malicious activity. Install Trojan horse and anti-virus protection software to prevent attacks. Keep all software up to date to prevent known security vulnerabilities.