Page 1 of 1

looking for some sort of trojan... i think

Posted: 07 Aug 2006 01:20
by sc0tt-uk
I've often wondered about the possibility of some sort of audio trojan. Ok its true that most people nowadays run an up to date AV package of some kind as well as a firewall, but its also true that most of the time they don't really know what the firewall does or when the last time their computer was scanned for viruses. Another bonus nowadays is that sooooo many people are on cable/adsl/some kind of connection that could transmit decent quality audio without eating up their bandwidth and often stays connected whenever their computer is switched on.
So... i'm searching for something that will allow me to stream audio through someones internet connection. I recall seeing trojans around years ago that were fairly useless back then due to the lack of bandwidth. Although it'd be trickier to get apps like this running on the computer of a stranger due to the AV and firewalls around now, getting on to the computer of someone you know would be pretty easy sometimes and once its set up and the rules are created in their firewall it'd be a while before its noticed. think about it... i know lots of people who have computers or laptops in their bedrooms, don't you?
any help appreciated...
sc0tt-uk

hi mate

Posted: 11 Aug 2007 03:21
by jedm72
The issue of getting into an unprotected machine is actually not all that hard. I am reasonably average at it and have manged to do it "in theory". Most people know F'k all about security of any kind. As long as the thing works they are happy. Most cable internet connections here run an unprotected modem hooked directly to the PC. It relies on the POS Windows firewall. You would get more protection putting the computer in a paper bag.

People run all sorts of DL proggies, torrents, emule etc make big holes in the Win firewall and wonder why the PC suddenly is stuffed. It would not be impossible to utilise a "hole" that already exists - "in theory". Obviously this is a theoretical discussion.

It would be slightly harder to make the various "peripheral" devices behave as you are accessing the system functions of the OS remotely. Some PC's have the remote desktop service enabled - or at least the service that allows another computer to take control of the mouse and do stuff - this could be used to actually make the PC do what you are after.

IP address log files and problems with legality issues prevent me from saying that this would be a good idea in practice. But as a theoretical and general "problem" is is worth investigating - purely of course to prevent bastards from doing this to our own machines and buggering things up.

For the security conscious I will post details of all the free utils I have come across to lock your PC down nice and secure. Obviously is all dependent on the tenacity of the person trying to break into you machine.

Your "theoretical" problem is an interesting one.


J :)

audio trojan

Posted: 11 Aug 2007 07:40
by Rograd
Here's something. I'd be interested in knowing if it works...

The sub7 trojan let's you remotely control a computer. One option is to run the recording software in windows and just download the file to your pc to listed to. Here's an online article I'll quote below..


http://www.smartcomputing.com/editorial ... .asp&guid=

An Example: SubSeven. iDEFENSE's white paper, SubSeven Trojan Horse, spells out one script censored tool, SubSeven. To order the paper, go to http://www.idefense.com and click The Power Of Intelligence and White Papers. Scroll down and check the SubSeven Trojan Horse box. Type your name and e-mail address, and iDEFENSE will send you the paper in Adobe Acrobat form.

This Trojan horse lets a cracker control your Windows 95/98 system. SubSeven is available for download on several Web sites. Once the cracker has control, he can lock your keyboard and play sounds, among other things. He can record sounds through your microphone, record video through a video camera connected to your PC, and monitor your keystrokes, through which he could learn your passwords.

SubSeven makes its rounds disguised as a legitimate file. It's actually an executable file that changes several entries in the Windows Registry, letting it take control of the system whenever it is called upon. SubSeven is a graphic program that crackers with only a moderate knowledge of computer programs can use.

Hi Rograd

Posted: 11 Aug 2007 18:49
by jedm72
Specific relevant item in this article is the reference to win 95/98. Win 95 and 98 all versions had basically NO security software or protection built in at all. It was dependent on the old IE 5.?? series which was crap and became even worse with a 9X system with IE6. Unless you downloaded half a squillion bloody updates for IE - you had a virus or trojan or some crap bashing holes in your machine every other day. This is exactly the reason why Mozilla has such a foothold today in the Browser market - it did not suffer from the same performance problems or security issues.

As horrible as the security is in XP this type of trojan is likely to be stopped by at the very worst SP1 (service pack 1). Security flaws that were issues under 9X/ME machines are no longer the case in XP - we just get a whole bunch of new ones.

Trojan type proggies can get into Mr Boofhead's PC with no anti virus and no updates purely for that reason. The instance of heavy mail server attacks and denial of service attacks have scared the hell out of most people with 2 brain cells and they run some sort of anti virus program. Some of course RUN the program but never update the thing. I had a customer with 5 year old software abuse the sh!t out of me because their computer had over 100,000 files infected and it was obviously completely stuffed. Was a virus that attacked executable files and pretty much anything else that could be run or worked on in some way. Fun and laughter had by all that day when she was told the whole thing was stuffed and her data was all buggered.

I don't mean to suggest that what you say is NOT possible. It would have to be a trojan that is not known by the major anti virus and malware type programs and therefore essentially has to be built from scratch by a programmer. I know almost as much about programming as I know about the mating habits of tsetse flies. So I would be of no help in this endeavour.

Also the idea of finding a computer with no security that also has people banging the hell out of each other regularly has to be a tall order - fun but difficult. I wish you luck.

J

Posted: 11 Aug 2007 20:38
by sc0tt-uk
Sub7 supports XP and 2k now as far as I can tell. Haven't got hold of a copy to try it out yet but I will do just for the fun of it. unfortunately though, as J says it's too wellknown to be of much use - any AV software would be snapping at its heels even without updates no doubt.

Creating one from scratch does seem to be the solution, but my programming knowledge is shameful, and the only decent programmer I know is a very law-obiding chap.

Keep up the research though folks, someone might stumble upon something I've missed. And of course, if there are any coders among us who'd like a challenge...
Sc0tt-uk

Re: Hi Rograd

Posted: 12 Aug 2007 20:13
by Rograd
I'll defer to your expertise on software. I'm computer illiterate. Just for the sake of theoretical argument, what kind of distance are you talking about? There are computer attachments that are made to house transmitters. I'm thinking about one site that sells a transmitter inside of a computer mouse. An anonymous gift just about the time the current one breaks down........

[quote="jedm72"]Specific relevant item in this article is the reference to win 95/98. Win 95 and 98 all versions had basically NO security software or protection built in at all.

Posted: 12 Aug 2007 21:01
by shung421
It seems to me that actually "infecting" someone's computer with a trojan is crossing the line.

Admittedly, our little hobby is rather sneaky to begin with, but we mostly get our sounds from temporary little quick tricks (hiding a recorder in a jacket pocket or near a window or door or using a boom mic to capture sound, etc.). People use their computers for a lot of different (and sometimes important) things and so I don't think it's fair to do something that could screw it up for them or violate their privacy (more than we already do!) since it would presumably record more than just their potential lovemaking...people may be discussing their finances, passwords, family issues, whatever. That's going a bit far, in my opinion. And it's another step down the legality slope for a hobby that already walks the edge of it!

Posted: 13 Aug 2007 03:19
by sc0tt-uk
Actually Shung, thats a really good point.
I've always thought it'd be slightly more ok for me to try this because I've done my time as a support techie, so the novelty of being nosy and seeing what people have got on their hard drives and stuff has well and truely warn off. I totally trust myself not to go snooping for passwords, conversations, stuff like that. Agreed though, morally its definitely wobbling on the edge of the fence, and legally some bastard has just hacked down the fence we're on with a chainsaw!!