Legal Disclaimer

Hacking For Beginners – Manthan Desai 2010
Mode of Transmission for Trojans
Reverse Connection in Trojans
Reverse-connecting Trojans let an attacker access a machine on the internal network from the outside. The Hacker can
install a simple Trojan program on a system on the internal network. On a regular basis (usually every 60 seconds), the
internal server tries to access the external master system to pick up commands. If the attacker has typed something into
the master system, this command is retrieved and executed on the internal system. Reverse WWW shell uses standard
HTTP. It’s dangerous because it’s difficult to detect - it looks like a client is browsing the Web from the internal network
Now the final part ….
Detection and Removal of Trojans
The unusual behavior of system is usually an indication of a Trojan attack. Actions/symptoms such as,
• Programs starting and running without the User’s initiation.
• CD-ROM drawers Opening or Closing.
• Wallpaper, background, or screen saver settings changing by themselves.
• Screen display flipping upside down.
• Browser program opening strange or unexpected websites
All above are indications of a Trojan attack. Any action that is suspicious or not initiated by the user can be an indication
of a Trojan attack.
One thing which you can do is to check the applications which are making network connections with other computers.
One of those applications will be a process started by the Server Trojan.
w w w . h a c k i n g t e c h . c o . t v Page 47