vladiii
Posted April 29, 2007

I wrote this for HackThisSite.org almost a year ago.

Before you flame me: I don't care if you think VB is a noob language. It very well may be, but pointing it out in this topic doesn't help anyone.

Also note that when I posted it on HTS, it removed all of the tabs I had put it in, which is why the code looks pretty sloppy.

Oh, and at some spots it put in returns where it wasn't supposed to. I think anyone with half a brain could figure out where to remove the returns.

In this tutorial you will learn about:

- Client/Server applications
- Winsock functions
- Left()
- Right()
- Select Case

First off you need to learn about client/server applications (note: this tutorial is for basic trojans and not for more advanced features like reverse connecting, those will be covered in a later tutorial if ever).

Client/Server applications are broken into 2 parts, as one may guess. The client and the server. The client is the program that is connecting to the server and the server is accepting connections (although you can have it reverse connect to get by the router but that's not for this tutorial).

Basically the server is 'listening' for a connection and once a client attempts to connect to the server, the server accepts the connection and boom a connection is made. Once connected, you can send data from the client to the server and vice versa. An example would be a simple chat program where you're sending a message back and forth and the message is displayed on the other's screen.

Now how can we do something like this in Visual Basic? It's quite simple. Since this is a test I'm just going to have you create ONE application with two forms rather than two applications, but you can create two applications if you wish and just follow the general instructions of this tutorial.

Alright, first off we should create a listening server. Open up VB and make a standard EXE and add another form so you have Form1 and Form2.
Rename the forms (change their .name properties) to frmClient and frmServer. Go to Project -> Components and put a check next to "Microsoft Winsock Control 6.0," if you do not have this control, do not worry! A simple Google search for "MSWINSCK.OCX" will find you a download in no time (note: it goes in %systemroot%/system32/). Alright, now hit OK.

What we just did: We added Microsoft's Winsock control to our toolbox. You can see that it is the last object on your toolbox (it has an icon that looks like 2 computers with a red wire connecting them).

Add this control onto frmServer and change its .name property to sckServer. Open up the code for frmServer and let's take a look at some of the subroutines/functions that the winsock control has. To do this, I usually type in "sckServer." and a little list pops up with all the properties, etc. Here's one that looks interesting: "sckServer.Listen."

There aren't any arguments for it so we need to find a way to set what port it's listening on or else it will error. Luckily another thing that I see in the list is "sckServer.LocalPort." Let's try to edit this to be what port we want. I'll be using 1234 for this example.

Let's add some code to the Form_Load() subroutine of frmServer to do what we just found out:

    Private Sub Form_Load()
        sckServer.LocalPort = 1234
        sckServer.Listen
    End Sub

Go to Project -> Project 1 Properties... and change the Startup Object to frmServer. Save the program and run it. It seems to work fine, right? But there's nothing connecting to us so there's nothing to do. Even if they did try to connect to us, it would reject it because all we're doing is listening, not accepting.

Let's add in accepting. I see that there is a subroutine that is called whenever someone tries connecting.
It's called "ConnectionRequest:"

    Private Sub sckServer_ConnectionRequest(ByVal requestID As Long)
    End Sub

Well it's very simple to make it accept so here it is:

    Private Sub sckServer_ConnectionRequest(ByVal requestID As Long)
        sckServer.Accept requestID
    End Sub

Now let's make our client...

Add a winsock control to frmClient and name it sckClient. Add 3 text boxes and 2 command buttons. Name them accordingly:

    Current Name: New Name: New .caption/.text Value
    Text1: txtIP: IP Address
    Text2: txtPort: Port
    Text3: txtMsg: Type your message here
    Command1: cmdConnect
    Command2: cmdShowMsg

Now here's the commented code for this page:

    Private Sub cmdConnect_Click()
        'Connect using sckClient
        sckClient.Connect txtIP.Text, txtPort.Text
    End Sub

    Private Sub cmdShowMsg_Click()
        'Send data to the server containing msg| and then the message you wish to show
        sckClient.SendData "msg|" & txtMsg.Text
    End Sub

    Private Sub sckClient_Connect()
        'Let us know that we're connected!
        MsgBox "Connected!", vbInformation, "Client"
    End Sub

    Private Sub sckClient_Error(ByVal Number As Integer, Description As String, _
            ByVal Scode As Long, ByVal Source As String, ByVal HelpFile As String, _
            ByVal HelpContext As Long, CancelDisplay As Boolean)
        MsgBox Description, vbCritical, "Error"
    End Sub

Surprisingly enough, that's it for the client.

Now let's go back to the server and have it accept data...

In frmServer:

    Private Sub sckServer_DataArrival(ByVal bytesTotal As Long)
        'Define variables:
        Dim strData As String, strCommand As String, strArgument As String
        'Get the data received and put it into strData:
        sckServer.GetData strData
        'Grabs the left 4 characters of strData (EG: "msg|"):
        strCommand = Left(strData, 4)
        'Grabs everything to the right of the command (EG: "This is a test" in the string "msg|This is a test"):
        strArgument = Right(strData, Len(strData) - Len(strCommand))
        Select Case strCommand
            'Sent the command to show an error message, show the error message:
            Case "msg|":
                MsgBox strArgument
            '[add more commands using this format]
        End Select
    End Sub

Well, that all
works and everything is fine! But why isn't frmClient showing up? That's because we have frmServer set as our startup form. Just add this code into frmServer's Form_Load subroutine:

    frmClient.Show

Alright. We test it out and try to connect to ourselves ("127.0.0.1") and we get an error on this line:

    sckServer.Accept requestID

Apparently it isn't working how we want it to, but not to fear! Just add this line of code above it to Close the server (stop it from listening) and then accept the connection:

    sckServer.Close

OK. We test it out and it works fine! We close the program because we're done and we go back to the source and now we're going to try out some other stuff.... actually, take off the "we," this is extra practice for you!

Extra practice:

Add a button onto the client that closes the current connection (HINTS: sckClient.Close and sckServer_Close()) (don't forget that you need to start listening again after it closes or else it won't accept connections).

Add in more functions for the client! Keep the commands 3 letters long with the "|" character at the end of them. A few ideas are "del|" to delete a file and "cpy|" to copy itself to a specific directory.

Happy programming!
Full source code included below for you lazy people.

    '''''frmClient:'''''
    Private Sub cmdConnect_Click()
        'Connect using sckClient
        sckClient.Connect txtIP.Text, txtPort.Text
    End Sub

    Private Sub cmdShowMsg_Click()
        'Send data to the server containing msg| and then the message you wish to show
        sckClient.SendData "msg|" & txtMsg.Text
    End Sub

    Private Sub sckClient_Connect()
        'Let us know that we're connected!
        MsgBox "Connected!", vbInformation, "Client"
    End Sub

    Private Sub sckClient_Error(ByVal Number As Integer, Description As String, _
            ByVal Scode As Long, ByVal Source As String, ByVal HelpFile As String, _
            ByVal HelpContext As Long, CancelDisplay As Boolean)
        MsgBox Description, vbCritical, "Error"
    End Sub

    '''''frmServer:'''''
    Private Sub Form_Load()
        sckServer.LocalPort = 1234
        sckServer.Listen
        frmClient.Show
    End Sub

    Private Sub sckServer_ConnectionRequest(ByVal requestID As Long)
        sckServer.Close
        sckServer.Accept requestID
    End Sub

    Private Sub sckServer_DataArrival(ByVal bytesTotal As Long)
        'Define variables:
        Dim strData As String, strCommand As String, strArgument As String
        'Get the data received and put it into strData:
        sckServer.GetData strData
        'Grabs the left 4 characters of strData (EG: "msg|"):
        strCommand = Left(strData, 4)
        'Grabs everything to the right of the command (EG: "This is a test" in the string "msg|This is a test"):
        strArgument = Right(strData, Len(strData) - Len(strCommand))
        Select Case strCommand
            'Sent the command to show an error message, show the error message:
            Case "msg|":
                MsgBox strArgument
            '[add more commands using this format]
        End Select
    End Sub

credit: JETT from #milw0rm.org
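
A defender's view of the wire format in the post above, as an added example that is not part of the original post: the commands travel in cleartext as three lowercase letters followed by "|", so a client-to-server TCP stream that opens with that pattern can be flagged whatever port the listener uses. The flow tuples, addresses, sample segments and function names below are constructed for illustration, and segments are reassembled per flow first because TCP may split or reorder the bytes of a command.

```python
import re
from collections import defaultdict

# Three lowercase letters then "|", the command format the tutorial describes.
CMD_PREFIX = re.compile(rb"^([a-z]{3})\|")


def reassemble(segments):
    """Group (flow_id, offset, payload) tuples by flow and join payloads in offset order."""
    flows = defaultdict(list)
    for flow_id, offset, payload in segments:
        flows[flow_id].append((offset, payload))
    return {fid: b"".join(p for _, p in sorted(parts)) for fid, parts in flows.items()}


def find_command_flows(segments):
    """Return {flow_id: (command, argument)} for streams that open with 'xxx|'."""
    hits = {}
    for fid, stream in reassemble(segments).items():
        match = CMD_PREFIX.match(stream)
        if match:
            # latin-1 never fails to decode, so binary arguments are still reported.
            hits[fid] = (match.group(1).decode(), stream[match.end():].decode("latin-1"))
    return hits


# Constructed sample capture: flow id is (src, sport, dst, dport), offset is a byte position.
FLOW_A = ("10.0.0.5", 50111, "10.0.0.9", 1234)
FLOW_B = ("10.0.0.5", 50112, "10.0.0.7", 80)
FLOW_C = ("10.0.0.6", 50200, "10.0.0.9", 5000)
FLOW_D = ("10.0.0.6", 50201, "10.0.0.9", 25)
SAMPLE = [
    (FLOW_A, 2, b"g|This is a test"),    # arrives out of order
    (FLOW_A, 0, b"ms"),                  # command prefix split across two segments
    (FLOW_B, 0, b"GET / HTTP/1.1\r\n"),  # ordinary web request, no match
    (FLOW_C, 0, b"del|"),                # same framing on a different port
    (FLOW_D, 0, b"EHLO|x"),              # upper-case and four letters, no match
]

if __name__ == "__main__":
    for flow, (command, argument) in find_command_flows(SAMPLE).items():
        print(flow, command, repr(argument))
```

The pattern is a heuristic: the protocol has no message delimiter, so only the first command of a stream is matched, and other cleartext protocols that happen to start with the same shape will need allow-listing.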