Tuesday, January 04, 2005

Virus Research

What is it with people and viruses? How hard is it to stay away from these things? Recently Ben, Daniel and myself have been infecting people with trojans at random to test how secure people really are. Go onto www.freechatnow.com and just set your nick to something like "HotGirlHomeAlone" or "HotChickWithCam" or "HotGuy4u" and then ask if anyone wants to see your pic. Link them to an exe file and watch the fun begin!

The Trojans we are testing with are:
*Sub7 2.15 Legends (Anniversery Release)

Andrew webcam shots his victim eating his own hand

The guy I posted a pic of above caught onto us when Ben started Steam a few times on his computer trying to keylog his password. The guy installed Mcaffe and removed Minimo but it left ProRat unharmed.

Free Image Hosting at www.ImageShack.us
Andrew watches Justin check his iPrimus Prepaid Account Usage

We have successfuly viewed 4 people's passwords (out of the 50 or so victims we got, most of them were firewalled and only worked with minimo reverse connection mode and ProRat requires you to pay $200 before you can get reverse connections on it.)

Didn't bother actually infecting anyone with Sub7 beacuse it was so old. I tried it on myself and 3 other computers though. It wasn't as updated as the rest needless to say.

I went NetBios scanning and found my best friend's step bro Mark had his computer on the net (Out of all the odds of me finding this, I found it twice on 2 seperate days!). I also found another person on Windows 98 who had full C access shared. She had Norton on her computer though and it auto-deleted my Minimo trojan when I put it in the startup folder. I couldn't be bothered getting an undetectable server though so I just carried on scanning. Found a lot of Anime and other shares with Music and stuff - Netbios scanning is the new Kazaa ;)

Nathan and me made up some servers with ProRat and bound them to Music & Picture files. We didn't get as much success but a few people accepted (Nathan stupidly sent some of them on MSN and crashed my router several times despite the fact I mentioned several times and got in an argument with him that MSN transfers crash it...Stupidity goes a long way)

We got a lot of mixed success with Trojan's but I think exploits are still the way to go. Out of the 50 hosts we virus'd only 2 of them had anti-virus and 1 didn't have it installed to start with. The majority of them were using Firewalls which were bypassed with reverse connection (Webcam viewer coverup allows easy allowal through firewall)

No comments: