Jump to content

Welcome to MSFN Forum
Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more. This message will be removed once you have signed in.
Login to Account Create an Account


Photo

How can I get a trojan?

- - - - -

  • Please log in to reply
22 replies to this topic

#1
milan777

milan777

    Newbie

  • Member
  • 21 posts
Maybe it sounds crazy, but I am experimenting with viruses on VMware virtual machine. I need some viruses to do that so I was searching on internet how to get trojan and I've found a video on youtube:link
There are a lots of malwares and he showed a malicious websites on this video. It's working on his computer, but on my these sites are broken.
I thought that they are broken by security updates on Windows so I tried it on Linux, but it's not working. That means that they are removed.

Does anybody know working links of trojans like this or malicious sites?


How to remove advertisement from MSFN

#2
iamtheky

iamtheky

    Friend of MSFN

  • Member
  • PipPipPipPipPip
  • 866 posts
http://www.damnvulnerablelinux.org/
iamtheKy

#3
Tripredacus

Tripredacus

    K-Mart-ian Legend

  • Super Moderator
  • 9,672 posts
  • OS:Server 2012
  • Country: Country Flag

Donator

So you WANT to get a virus? Seems weird...
MSFN RULES | GimageX HTA for PE 3.x | lol probloms
msfn2_zpsc37c7153.jpg

#4
-X-

-X-

    Member

  • Patrons
  • 2,392 posts
  • OS:XP Pro x86
  • Country: Country Flag

Donator

Not weird. It's good to learn. Makes you safer.

I've too have tried but had little luck in finding exploits where the URLs are still functioning.

Download all Windows XP Post SP3 High-Priority Updates with a simple double click @ xdot.tk post-12166-0-42859000-1399044129.png ]
               If someone helps you fix a problem, please report back so they and others can benefit from the solution. Thanks!


#5
milan777

milan777

    Newbie

  • Member
  • 21 posts

Not weird. It's good to learn. Makes you safer.

I've too have tried but had little luck in finding exploits where the URLs are still functioning.


So can you tell me that working URLs.

#6
-X-

-X-

    Member

  • Patrons
  • 2,392 posts
  • OS:XP Pro x86
  • Country: Country Flag

Donator

Don't know of any.

Download all Windows XP Post SP3 High-Priority Updates with a simple double click @ xdot.tk post-12166-0-42859000-1399044129.png ]
               If someone helps you fix a problem, please report back so they and others can benefit from the solution. Thanks!


#7
milan777

milan777

    Newbie

  • Member
  • 21 posts

Don't know of any.


I don't know how did roguewatch accessed all this URLs.

#8
Tripredacus

Tripredacus

    K-Mart-ian Legend

  • Super Moderator
  • 9,672 posts
  • OS:Server 2012
  • Country: Country Flag

Donator

I've got a couple old ones hanging out on my email, like Sircam and Bagle, but they won't be any use unless you have an email setup that will let you receive them. I did a test to my work email, but our firewall stripped the virus out, and identified it to me as:

The attached message from was found to contain the virus "Worm.Bagle.BB".


MSFN RULES | GimageX HTA for PE 3.x | lol probloms
msfn2_zpsc37c7153.jpg

#9
VideoRipper

VideoRipper

    CSI Eastwood City

  • Member
  • PipPipPip
  • 330 posts
  • OS:none specified
  • Country: Country Flag
From experience I know it's best to visit some vague websites in the .ru, .cc and .ws TLD's :lol:

Another tip: Google for phrases like "Crack", "Hack" and "Keygen" and follow the sites
marked with "This website can be hazardous to your computer" ;)
To C the BASIC things in life, use Delphi

#10
milan777

milan777

    Newbie

  • Member
  • 21 posts
How can I make google to show me only sites that can harm my computer?
I tried advanced search, but I didn't find anything.

#11
VideoRipper

VideoRipper

    CSI Eastwood City

  • Member
  • PipPipPip
  • 330 posts
  • OS:none specified
  • Country: Country Flag
This is for your trojan/virus/spyware adventure I presume? :rolleyes:
(You should actually just continue in the thread you already started about
this when this is the case)


Google doesn't offer this "Service" (to my knowledge), but I guess
you'll get more "Lucky" if you switch off "SafeSearch".

Other than that, you can only search for "Questionable" content
like "Warez", "Keygens", "(Child) pr0n" and such.
Most of these sites marked are on .ru, .ws and .cn TLD's.

To be honest: I've just tried to search for "Warez" myself on
servers located in China and while I had about 81.000.000 hits,
I didn't see the warnings anymore :unsure:
Maybe they've switched them off or just reject them all now?

Greetz,

Peter.
To C the BASIC things in life, use Delphi

#12
dencorso

dencorso

    Adiuvat plus qui nihil obstat

  • Super Moderator
  • 5,756 posts
  • OS:98SE
  • Country: Country Flag

Donator

This is for your trojan/virus/spyware adventure I presume? :rolleyes:
(You should actually just continue in the thread you already started about
this when this is the case)

Yes. That's what one should do.
Threads merged. Resulting thread moved. :yes:
@milan777: do *not* do that again! Posted Image
Consider yourself warned.

#13
Tarun

Tarun

    Spectre

  • Super Moderator
  • 3,176 posts
  • OS:Windows 7 x64
  • Country: Country Flag
Surf all the websites you would typically avoid.

Also look at this topic: http://www.msfn.org/...g-secondary-pc/

#14
Tripredacus

Tripredacus

    K-Mart-ian Legend

  • Super Moderator
  • 9,672 posts
  • OS:Server 2012
  • Country: Country Flag

Donator

Actually, here is a sure-fire way to get a trojan.

You need: a computer with a NIC and NO anti-virus installed (or disabled). Then you connect it directly to the internet and TURN OFF the Windows Firewall. Then just go to a website, although you probably will get something withing 5 seconds if you are lucky.

Also you can open Outlook Express and add an account into it. A lot of viruses (botnets) like to send emails through Outlook Express. You can STOP your PC from actually sending out said emails by setting the SMTP server to be an invalid address, so then the spam emails will just sit in your Outbox folder.
MSFN RULES | GimageX HTA for PE 3.x | lol probloms
msfn2_zpsc37c7153.jpg

#15
cluberti

cluberti

    Gustatus similis pullus

  • Supervisor
  • 11,247 posts
  • OS:Windows 8.1 x64
  • Country: Country Flag
Seconded - if this is an XP machine, just install it (preferably SP1 or RTM, as they're more vulnerable out of the box) and attach it to the internet with no protection (also second settup up a bogus mail account). Especially if you're on a shared broadband network like cable, your machine will get dirty, and quickly.
MCTS Windows Internals, MCITP Server 2008 EA, MCTS MDT/BDD, MCSE/MCSA Server 2003, Server 2012, Windows 8
--------------------
Please read the rules before posting!
Please consider donating to MSFN to keep it up and running!

#16
VideoRipper

VideoRipper

    CSI Eastwood City

  • Member
  • PipPipPip
  • 330 posts
  • OS:none specified
  • Country: Country Flag
Not thirded :whistle:

Although I can't tell the risk when using XP SP1 (since I'm using SP3), my system
isn't running any virus-scanner and has it's firewall turned off. :angel
And overall I "Only" get infected 3 or 4 times a year (which I find acceptable for
a system that isn't waisting CPU-cycles on a resourcehungry scanner).

Being behind a router (which semi-doubles as a firewall... sort of...) I guess my
chances of getting infected are reduced dramatically, but the infections I do get
are being brought in by bugs/flaws/undocumented-features in IE and not at socket-
layer level (so badware is asked in rather than forced in). :unsure:

I don't use Outlook Express, so I can't comment on that... :no:

However, I don't recommend this way of "Having sex with the internet, without any
contraceptive"
if you don't know exactly what processes are supposed to be running.
I am prepared to take this risk on my faily old system and I'm not advising others
to do the same (unless they like to live adventurous) ;)

Apart from that all: make sure you always install the latest patches and updates
(Unless you're a guy like Milan and wants to get infected, of course). :rolleyes:

Greetz,

Peter.
To C the BASIC things in life, use Delphi

#17
cluberti

cluberti

    Gustatus similis pullus

  • Supervisor
  • 11,247 posts
  • OS:Windows 8.1 x64
  • Country: Country Flag
Being behind a router, and not directly connected, *does* indeed increase the risk of infection, BY FAR. If you're trying to get infected, then this would most definitely be a bad idea, hence why the suggestion was to use no firewall, no router, and connect an XP RTM or SP1 box directly to the internet. That'll get you infected, probably within a few minutes, with all kinds of nastiness.
MCTS Windows Internals, MCITP Server 2008 EA, MCTS MDT/BDD, MCSE/MCSA Server 2003, Server 2012, Windows 8
--------------------
Please read the rules before posting!
Please consider donating to MSFN to keep it up and running!

#18
dencorso

dencorso

    Adiuvat plus qui nihil obstat

  • Super Moderator
  • 5,756 posts
  • OS:98SE
  • Country: Country Flag

Donator

Posted Image You surely meant to say:

Being behind a router, and not directly connected, *does* indeed decrease the risk of infection, BY FAR.



#19
VideoRipper

VideoRipper

    CSI Eastwood City

  • Member
  • PipPipPip
  • 330 posts
  • OS:none specified
  • Country: Country Flag

You surely meant to say:

Hehehehe, I think you might be right ;)
And you're right as well Cluberti, I must have read over the "Direct connect to inet"-phrase :blushing:

Of course, you always have the chance that your ISP will filter out most
nasties coming in/out, so keep that in mind as well. :unsure:
To C the BASIC things in life, use Delphi

#20
cluberti

cluberti

    Gustatus similis pullus

  • Supervisor
  • 11,247 posts
  • OS:Windows 8.1 x64
  • Country: Country Flag

Posted Image You surely meant to say:


Being behind a router, and not directly connected, *does* indeed decrease the risk of infection, BY FAR.

Doh! Oh well, can't always type what my mind is thinking :).


Of course, you always have the chance that your ISP will filter out most nasties coming in/out, so keep that in mind as well. :unsure:

True, although I'm pretty sure this user's ISP is not one of those.
MCTS Windows Internals, MCITP Server 2008 EA, MCTS MDT/BDD, MCSE/MCSA Server 2003, Server 2012, Windows 8
--------------------
Please read the rules before posting!
Please consider donating to MSFN to keep it up and running!

#21
Tripredacus

Tripredacus

    K-Mart-ian Legend

  • Super Moderator
  • 9,672 posts
  • OS:Server 2012
  • Country: Country Flag

Donator


You surely meant to say:

Hehehehe, I think you might be right ;)
And you're right as well Cluberti, I must have read over the "Direct connect to inet"-phrase :blushing:

Of course, you always have the chance that your ISP will filter out most
nasties coming in/out, so keep that in mind as well. :unsure:


Is this chance greater than winning the jackpot in the lottery? ;)
MSFN RULES | GimageX HTA for PE 3.x | lol probloms
msfn2_zpsc37c7153.jpg

#22
jaclaz

jaclaz

    The Finder

  • Developer
  • 13,989 posts
  • OS:none specified
  • Country: Country Flag

Is this chance greater than winning the jackpot in the lottery? ;)


Which one? :unsure:

That of dencorso being right :ph34r: or that of finding an ISP that filters out the nasties :w00t: ?

;)

:lol:

jaclaz

#23
-X-

-X-

    Member

  • Patrons
  • 2,392 posts
  • OS:XP Pro x86
  • Country: Country Flag

Donator

milan777, I finally found where you can get yourself infected. http://www.malwaredomainlist.com/

They have a host file there for blocking malware sites. I been visiting the sites in the hosts file(I'm halfway through the b's) the last few days and only ran into 3 infections so far so it's not that great. There are threads like this: http://www.malwaredo...hp?topic=4433.0 that are updated daily though.

Download all Windows XP Post SP3 High-Priority Updates with a simple double click @ xdot.tk post-12166-0-42859000-1399044129.png ]
               If someone helps you fix a problem, please report back so they and others can benefit from the solution. Thanks!





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users



How to remove advertisement from MSFN