Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Categories

VB Trojans

245

Comments

  • markblue777markblue777 Member Posts: 184
    : : hi...
    : :
    : : i'm interested in knowing all about how VB Trojans work...
    : : you can post the material here itself,
    : : or you can post it to me at junior_jj@rediffmail.com
    : : if you like...
    : : :)
    : :
    : :
    : hi, i'm interested in knowing how they work too,
    : send me an email erat_pi@hotmail.com
    :
    hi, i'm interested in knowing how they work too,
    could you please send me the file please my email is markblue777@yahoo.com
  • Pr0t3mPr0t3m Member Posts: 1
    could i pleaze have a copy 2 at pinicleoflife@hotmail.com thanks
  • markblue777markblue777 Member Posts: 184
    : I've got an interesting tutorial that show's the basics of vb trojans, if anyone is interested post and let me know.
    :
    :
    :
    :
    : C:Dos
    : C:Dos Run
    : Run Dos Run
    :
    hi i have 3 questions really first one is
    wot does this virus do i have made it but wot does it do
    second question is
    i have never compiled a project before does it just mean do standard package and deploment or do u do somthing different so u dont have to install it
    and last question is do i compile them seperatly or together and also one more question how do u use it do i send one part to a target machine or wot
    please help
    thanks from
    mark
  • didanididani Member Posts: 99
    : : I've got an interesting tutorial that show's the basics of vb trojans, if anyone is interested post and let me know.
    : :
    : :
    : :
    : :
    : : C:Dos
    : : C:Dos Run
    : : Run Dos Run
    : :
    : hi i have 3 questions really first one is
    : wot does this virus do i have made it but wot does it do
    : second question is
    : i have never compiled a project before does it just mean do standard package and deploment or do u do somthing different so u dont have to install it
    : and last question is do i compile them seperatly or together and also one more question how do u use it do i send one part to a target machine or wot
    : please help
    : thanks from
    : mark
    :
    Hi m8, here's the answers:
    1. It is not a virus. It is a trojan... The difference? A trojan does not spread itself, a victim has to open it. What it does: It grants you the ability to send the user a message, open his cd-tray or shut his computer down.
    The compiling is most easy:
    File --> Make project1.exe --> Choose the desktop for location and tadaa... There appears the program on the desktop
    The compiling should be done seperately, indeed. Compile the server part, and send this to the victim, and compile the client part, and use this as a tool to control the victim. Once you have compiled the server, you should make sure the victim opens it, or else you will not be able to control his pc...

    Hope this helps...

    EtHeO out...
  • GideonOmegaGideonOmega Member Posts: 617
    : : : I've got an interesting tutorial that show's the basics of vb trojans, if anyone is interested post and let me know.
    : : :
    : : :
    : : :
    : : :
    : : : C:Dos
    : : : C:Dos Run
    : : : Run Dos Run
    : : :
    : : hi i have 3 questions really first one is
    : : wot does this virus do i have made it but wot does it do
    : : second question is
    : : i have never compiled a project before does it just mean do standard package and deploment or do u do somthing different so u dont have to install it
    : : and last question is do i compile them seperatly or together and also one more question how do u use it do i send one part to a target machine or wot
    : : please help
    : : thanks from
    : : mark
    : :
    : Hi m8, here's the answers:
    : 1. It is not a virus. It is a trojan... The difference? A trojan does not spread itself, a victim has to open it. What it does: It grants you the ability to send the user a message, open his cd-tray or shut his computer down.
    : The compiling is most easy:
    : File --> Make project1.exe --> Choose the desktop for location and tadaa... There appears the program on the desktop
    : The compiling should be done seperately, indeed. Compile the server part, and send this to the victim, and compile the client part, and use this as a tool to control the victim. Once you have compiled the server, you should make sure the victim opens it, or else you will not be able to control his pc...
    :
    : Hope this helps...
    :
    : EtHeO out...
    :


    didani is absolutly right, this is a very basic program ment only to give you the knowhow to design a better one your self.

    for those of you that have it, check out the registry api's you can add a simple bit of code that when the program executes it will right the reg key in so that it runs on start up, getting into it even more you can add more winsock controls or array them and then give yourself the ability to download files off of the victim or to transfer files yourself to the victem and then execute shells to load the newly tranfered programs, and for the truly dedicated programmers you can make it so that it will spawn copys of itself(this will most likly require the trojan to download an exe of itself or to have one extra one included under a different name - that does not however make it a virus as it does not infect any files it only does what you tell it to do..

    on a side note the one that I finaly developed (not quite finished yet) funny enough is detected as a virus by mcaffe.

    hope that helps everyone looking into it.

    just remember the source in the tut really does nothing important at all you will need to expand apon it greatly to do anything worth while.
    [blue]
    C:Dos
    C:Dos Run
    Run Dos Run
    [/blue]

  • markblue777markblue777 Member Posts: 184
    : : : : I've got an interesting tutorial that show's the basics of vb trojans, if anyone is interested post and let me know.
    : : : :
    : : : :
    : : : :
    : : : :
    : : : : C:Dos
    : : : : C:Dos Run
    : : : : Run Dos Run
    : : : :
    : : : hi i have 3 questions really first one is
    : : : wot does this virus do i have made it but wot does it do
    : : : second question is
    : : : i have never compiled a project before does it just mean do standard package and deploment or do u do somthing different so u dont have to install it
    : : : and last question is do i compile them seperatly or together and also one more question how do u use it do i send one part to a target machine or wot
    : : : please help
    : : : thanks from
    : : : mark
    : : :
    : : Hi m8, here's the answers:
    : : 1. It is not a virus. It is a trojan... The difference? A trojan does not spread itself, a victim has to open it. What it does: It grants you the ability to send the user a message, open his cd-tray or shut his computer down.
    : : The compiling is most easy:
    : : File --> Make project1.exe --> Choose the desktop for location and tadaa... There appears the program on the desktop
    : : The compiling should be done seperately, indeed. Compile the server part, and send this to the victim, and compile the client part, and use this as a tool to control the victim. Once you have compiled the server, you should make sure the victim opens it, or else you will not be able to control his pc...
    : :
    : : Hope this helps...
    : :
    : : EtHeO out...
    : :
    :
    :
    : didani is absolutly right, this is a very basic program ment only to give you the knowhow to design a better one your self.
    :
    : for those of you that have it, check out the registry api's you can add a simple bit of code that when the program executes it will right the reg key in so that it runs on start up, getting into it even more you can add more winsock controls or array them and then give yourself the ability to download files off of the victim or to transfer files yourself to the victem and then execute shells to load the newly tranfered programs, and for the truly dedicated programmers you can make it so that it will spawn copys of itself(this will most likly require the trojan to download an exe of itself or to have one extra one included under a different name - that does not however make it a virus as it does not infect any files it only does what you tell it to do..
    :
    : on a side note the one that I finaly developed (not quite finished yet) funny enough is detected as a virus by mcaffe.
    :
    : hope that helps everyone looking into it.
    :
    : just remember the source in the tut really does nothing important at all you will need to expand apon it greatly to do anything worth while.
    : [blue]
    : C:Dos
    : C:Dos Run
    : Run Dos Run
    : [/blue]
    :
    hi i am new to vb so i need as much help as i can get soz if the questions where stupid sorry bout that but wot is the vb code for the reg key or where could i find it out
    from
    mark
  • GideonOmegaGideonOmega Member Posts: 617
    : : : : : I've got an interesting tutorial that show's the basics of vb trojans, if anyone is interested post and let me know.
    : : : : :
    : : : : :
    : : : : :
    : : : : :
    : : : : : C:Dos
    : : : : : C:Dos Run
    : : : : : Run Dos Run
    : : : : :
    : : : : hi i have 3 questions really first one is
    : : : : wot does this virus do i have made it but wot does it do
    : : : : second question is
    : : : : i have never compiled a project before does it just mean do standard package and deploment or do u do somthing different so u dont have to install it
    : : : : and last question is do i compile them seperatly or together and also one more question how do u use it do i send one part to a target machine or wot
    : : : : please help
    : : : : thanks from
    : : : : mark
    : : : :
    : : : Hi m8, here's the answers:
    : : : 1. It is not a virus. It is a trojan... The difference? A trojan does not spread itself, a victim has to open it. What it does: It grants you the ability to send the user a message, open his cd-tray or shut his computer down.
    : : : The compiling is most easy:
    : : : File --> Make project1.exe --> Choose the desktop for location and tadaa... There appears the program on the desktop
    : : : The compiling should be done seperately, indeed. Compile the server part, and send this to the victim, and compile the client part, and use this as a tool to control the victim. Once you have compiled the server, you should make sure the victim opens it, or else you will not be able to control his pc...
    : : :
    : : : Hope this helps...
    : : :
    : : : EtHeO out...
    : : :
    : :
    : :
    : : didani is absolutly right, this is a very basic program ment only to give you the knowhow to design a better one your self.
    : :
    : : for those of you that have it, check out the registry api's you can add a simple bit of code that when the program executes it will right the reg key in so that it runs on start up, getting into it even more you can add more winsock controls or array them and then give yourself the ability to download files off of the victim or to transfer files yourself to the victem and then execute shells to load the newly tranfered programs, and for the truly dedicated programmers you can make it so that it will spawn copys of itself(this will most likly require the trojan to download an exe of itself or to have one extra one included under a different name - that does not however make it a virus as it does not infect any files it only does what you tell it to do..
    : :
    : : on a side note the one that I finaly developed (not quite finished yet) funny enough is detected as a virus by mcaffe.
    : :
    : : hope that helps everyone looking into it.
    : :
    : : just remember the source in the tut really does nothing important at all you will need to expand apon it greatly to do anything worth while.
    : : [blue]
    : : C:Dos
    : : C:Dos Run
    : : Run Dos Run
    : : [/blue]
    : :
    : hi i am new to vb so i need as much help as i can get soz if the questions where stupid sorry bout that but wot is the vb code for the reg key or where could i find it out
    : from
    : mark
    :


    don't worry about it, your not going to know unless you ask right. as for the reg code, I'll try to dig it up and post it, or your can try to search for "registry API's" on google or on some vb programming site.
    [blue]
    C:Dos
    C:Dos Run
    Run Dos Run
    [/blue]

  • markblue777markblue777 Member Posts: 184
    : : : : : : I've got an interesting tutorial that show's the basics of vb trojans, if anyone is interested post and let me know.
    : : : : : :
    : : : : : :
    : : : : : :
    : : : : : :
    : : : : : : C:Dos
    : : : : : : C:Dos Run
    : : : : : : Run Dos Run
    : : : : : :
    : : : : : hi i have 3 questions really first one is
    : : : : : wot does this virus do i have made it but wot does it do
    : : : : : second question is
    : : : : : i have never compiled a project before does it just mean do standard package and deploment or do u do somthing different so u dont have to install it
    : : : : : and last question is do i compile them seperatly or together and also one more question how do u use it do i send one part to a target machine or wot
    : : : : : please help
    : : : : : thanks from
    : : : : : mark
    : : : : :
    : : : : Hi m8, here's the answers:
    : : : : 1. It is not a virus. It is a trojan... The difference? A trojan does not spread itself, a victim has to open it. What it does: It grants you the ability to send the user a message, open his cd-tray or shut his computer down.
    : : : : The compiling is most easy:
    : : : : File --> Make project1.exe --> Choose the desktop for location and tadaa... There appears the program on the desktop
    : : : : The compiling should be done seperately, indeed. Compile the server part, and send this to the victim, and compile the client part, and use this as a tool to control the victim. Once you have compiled the server, you should make sure the victim opens it, or else you will not be able to control his pc...
    : : : :
    : : : : Hope this helps...
    : : : :
    : : : : EtHeO out...
    : : : :
    : : :
    : : :
    : : : didani is absolutly right, this is a very basic program ment only to give you the knowhow to design a better one your self.
    : : :
    : : : for those of you that have it, check out the registry api's you can add a simple bit of code that when the program executes it will right the reg key in so that it runs on start up, getting into it even more you can add more winsock controls or array them and then give yourself the ability to download files off of the victim or to transfer files yourself to the victem and then execute shells to load the newly tranfered programs, and for the truly dedicated programmers you can make it so that it will spawn copys of itself(this will most likly require the trojan to download an exe of itself or to have one extra one included under a different name - that does not however make it a virus as it does not infect any files it only does what you tell it to do..
    : : :
    : : : on a side note the one that I finaly developed (not quite finished yet) funny enough is detected as a virus by mcaffe.
    : : :
    : : : hope that helps everyone looking into it.
    : : :
    : : : just remember the source in the tut really does nothing important at all you will need to expand apon it greatly to do anything worth while.
    : : : [blue]
    : : : C:Dos
    : : : C:Dos Run
    : : : Run Dos Run
    : : : [/blue]
    : : :
    : : hi i am new to vb so i need as much help as i can get soz if the questions where stupid sorry bout that but wot is the vb code for the reg key or where could i find it out
    : : from
    : : mark
    : :
    :
    :
    : don't worry about it, your not going to know unless you ask right. as for the reg code, I'll try to dig it up and post it, or your can try to search for "registry API's" on google or on some vb programming site.
    : [blue]
    : C:Dos
    : C:Dos Run
    : Run Dos Run
    : [/blue]
    :
    thanks mate i will for it as weell and could u look aswell please then if any of us find sumthing post it on here ok thaks
    from
    mark

  • markblue777markblue777 Member Posts: 184
    : : : : : : : I've got an interesting tutorial that show's the basics of vb trojans, if anyone is interested post and let me know.
    : : : : : : :
    : : : : : : :
    : : : : : : :
    : : : : : : :
    : : : : : : : C:Dos
    : : : : : : : C:Dos Run
    : : : : : : : Run Dos Run
    : : : : : : :
    : : : : : : hi i have 3 questions really first one is
    : : : : : : wot does this virus do i have made it but wot does it do
    : : : : : : second question is
    : : : : : : i have never compiled a project before does it just mean do standard package and deploment or do u do somthing different so u dont have to install it
    : : : : : : and last question is do i compile them seperatly or together and also one more question how do u use it do i send one part to a target machine or wot
    : : : : : : please help
    : : : : : : thanks from
    : : : : : : mark
    : : : : : :
    : : : : : Hi m8, here's the answers:
    : : : : : 1. It is not a virus. It is a trojan... The difference? A trojan does not spread itself, a victim has to open it. What it does: It grants you the ability to send the user a message, open his cd-tray or shut his computer down.
    : : : : : The compiling is most easy:
    : : : : : File --> Make project1.exe --> Choose the desktop for location and tadaa... There appears the program on the desktop
    : : : : : The compiling should be done seperately, indeed. Compile the server part, and send this to the victim, and compile the client part, and use this as a tool to control the victim. Once you have compiled the server, you should make sure the victim opens it, or else you will not be able to control his pc...
    : : : : :
    : : : : : Hope this helps...
    : : : : :
    : : : : : EtHeO out...
    : : : : :
    : : : :
    : : : :
    : : : : didani is absolutly right, this is a very basic program ment only to give you the knowhow to design a better one your self.
    : : : :
    : : : : for those of you that have it, check out the registry api's you can add a simple bit of code that when the program executes it will right the reg key in so that it runs on start up, getting into it even more you can add more winsock controls or array them and then give yourself the ability to download files off of the victim or to transfer files yourself to the victem and then execute shells to load the newly tranfered programs, and for the truly dedicated programmers you can make it so that it will spawn copys of itself(this will most likly require the trojan to download an exe of itself or to have one extra one included under a different name - that does not however make it a virus as it does not infect any files it only does what you tell it to do..
    : : : :
    : : : : on a side note the one that I finaly developed (not quite finished yet) funny enough is detected as a virus by mcaffe.
    : : : :
    : : : : hope that helps everyone looking into it.
    : : : :
    : : : : just remember the source in the tut really does nothing important at all you will need to expand apon it greatly to do anything worth while.
    : : : : [blue]
    : : : : C:Dos
    : : : : C:Dos Run
    : : : : Run Dos Run
    : : : : [/blue]
    : : : :
    : : : hi i am new to vb so i need as much help as i can get soz if the questions where stupid sorry bout that but wot is the vb code for the reg key or where could i find it out
    : : : from
    : : : mark
    : : :
    : :
    : :
    : : don't worry about it, your not going to know unless you ask right. as for the reg code, I'll try to dig it up and post it, or your can try to search for "registry API's" on google or on some vb programming site.
    : : [blue]
    : : C:Dos
    : : C:Dos Run
    : : Run Dos Run
    : : [/blue]
    : :
    : thanks mate i will for it as weell and could u look aswell please then if any of us find sumthing post it on here ok thaks
    : from
    : mark

    Hi all i managed to find sum code all u do is put it in a module
    here it is
    [blue]
    Enum RegHive
    HKEY_CLASSES_ROOT = &H80000000
    HK_CR = &H80000000
    HKEY_CURRENT_USER = &H80000001
    HK_CU = &H80000001
    HKEY_LOCAL_MACHINE = &H80000002
    HK_LM = &H80000002
    HKEY_USERS = &H80000003
    HK_US = &H80000003
    HKEY_CURRENT_CONFIG = &H80000005
    HK_CC = &H80000005
    HKEY_DYN_DATA = &H80000006
    HK_DD = &H80000006
    End Enum

    Enum RegType
    REG_SZ = 1 'Unicode nul terminated string
    REG_BINARY = 3 'Free form binary
    REG_DWORD = 4 '32-bit number
    End Enum

    Public Const ERROR_SUCCESS = 0&
    Public Declare Function RegCloseKey Lib "advapi32.dll" (ByVal hKey As Long) As Long
    Public Declare Function RegCreateKey Lib "advapi32.dll" Alias "RegCreateKeyA" (ByVal hKey As Long, ByVal lpSubKey As String, phkResult As Long) As Long
    Public Declare Function RegDeleteKey Lib "advapi32.dll" Alias "RegDeleteKeyA" (ByVal hKey As Long, ByVal lpSubKey As String) As Long
    Public Declare Function RegDeleteValue Lib "advapi32.dll" Alias "RegDeleteValueA" (ByVal hKey As Long, ByVal lpValueName As String) As Long
    Public Declare Function RegOpenKey Lib "advapi32.dll" Alias "RegOpenKeyA" (ByVal hKey As Long, ByVal lpSubKey As String, phkResult As Long) As Long
    Public Declare Function RegQueryValueEx Lib "advapi32.dll" Alias "RegQueryValueExA" (ByVal hKey As Long, ByVal lpValueName As String, ByVal lpReserved As Long, lpType As Long, lpData As Any, lpcbData As Long) As Long
    Public Declare Function RegSetValueEx Lib "advapi32.dll" Alias "RegSetValueExA" (ByVal hKey As Long, ByVal lpValueName As String, ByVal Reserved As Long, ByVal dwType As Long, lpData As Any, ByVal cbData As Long) As Long
    Public Declare Function RegEnumKey Lib "advapi32.dll" Alias "RegEnumKeyA" (ByVal hKey As Long, ByVal dwIndex As Long, ByVal lpName As String, ByVal cbName As Long) As Long

    Public Function DelRegValue(ByVal hKey As RegHive, ByVal strPath As String, ByVal strValue As String)
    Dim hCurKey As Long
    Dim lRegResult As Long
    lRegResult = RegOpenKey(hKey, strPath, hCurKey)
    lRegResult = RegDeleteValue(hCurKey, strValue)
    lRegResult = RegCloseKey(hCurKey)
    End Function

    Public Function DelRegKey(ByVal hKey As RegHive, ByVal strPath As String) As Long
    Dim lRegResult As Long
    lRegResult = RegDeleteKey(hKey, strPath)
    DelRegKey = lRegResult
    End Function

    Public Function CreateRegKey(hKey As RegHive, strPath As String)
    Dim hCurKey As Long
    Dim lRegResult As Long
    lRegResult = RegCreateKey(hKey, strPath, hCurKey)
    If lRegResult <> ERROR_SUCCESS Then
    'there is a problem
    End If
    lRegResult = RegCloseKey(hCurKey)
    End Function
    Public Function GetRegString(hKey As RegHive, strPath As String, strValue As String, Optional Default As String) As String
    Dim hCurKey As Long
    Dim lResult As Long
    Dim lValueType As Long
    Dim strBuffer As String
    Dim lDataBufferSize As Long
    Dim intZeroPos As Integer
    Dim lRegResult As Long
    'Set up default value
    If Not IsEmpty(Default) Then
    GetRegString = Default
    Else
    GetRegString = ""
    End If
    lRegResult = RegOpenKey(hKey, strPath, hCurKey)
    lRegResult = RegQueryValueEx(hCurKey, strValue, 0&, lValueType, ByVal 0&, lDataBufferSize)
    If lRegResult = ERROR_SUCCESS Then
    If lValueType = REG_SZ Then
    strBuffer = String(lDataBufferSize, " ")
    lResult = RegQueryValueEx(hCurKey, strValue, 0&, 0&, ByVal strBuffer, lDataBufferSize)
    intZeroPos = InStr(strBuffer, Chr$(0))
    If intZeroPos > 0 Then
    GetRegString = Left$(strBuffer, intZeroPos - 1)
    Else
    GetRegString = strBuffer
    End If
    End If
    Else
    'there is a problem
    End If
    lRegResult = RegCloseKey(hCurKey)
    End Function

    Public Function SaveRegString(hKey As RegHive, strPath As String, strValue As String, strData As String)
    Dim hCurKey As Long
    Dim lRegResult As Long
    lRegResult = RegCreateKey(hKey, strPath, hCurKey)
    lRegResult = RegSetValueEx(hCurKey, strValue, 0, REG_SZ, ByVal strData, Len(strData))
    If lRegResult <> ERROR_SUCCESS Then
    'there is a problem
    End If
    lRegResult = RegCloseKey(hCurKey)
    End Function

    Public Function GetRegLong(ByVal hKey As RegHive, ByVal strPath As String, ByVal strValue As String, Optional Default As Long) As Long
    Dim lRegResult As Long
    Dim lValueType As Long
    Dim lBuffer As Long
    Dim lDataBufferSize As Long
    Dim hCurKey As Long
    'Set up default value
    If Not IsEmpty(Default) Then
    GetRegLong = Default
    Else
    GetRegLong = 0
    End If
    lRegResult = RegOpenKey(hKey, strPath, hCurKey)
    lDataBufferSize = 4 '4 bytes = 32 bits = long
    lRegResult = RegQueryValueEx(hCurKey, strValue, 0&, lValueType, lBuffer, lDataBufferSize)
    If lRegResult = ERROR_SUCCESS Then
    If lValueType = REG_DWORD Then
    GetRegLong = lBuffer
    End If
    Else
    'there is a problem
    End If
    lRegResult = RegCloseKey(hCurKey)
    End Function

    Public Function SaveRegLong(ByVal hKey As RegHive, ByVal strPath As String, ByVal strValue As String, ByVal lData As Long)
    Dim hCurKey As Long
    Dim lRegResult As Long
    lRegResult = RegCreateKey(hKey, strPath, hCurKey)
    lRegResult = RegSetValueEx(hCurKey, strValue, 0&, REG_DWORD, lData, 4)
    If lRegResult <> ERROR_SUCCESS Then
    'there is a problem
    End If
    lRegResult = RegCloseKey(hCurKey)
    End Function

    Public Function GetRegByte(ByVal hKey As RegHive, ByVal strPath As String, ByVal strValueName As String, Optional Default As Variant) As Variant
    Dim lValueType As Long
    Dim byBuffer() As Byte
    Dim lDataBufferSize As Long
    Dim lRegResult As Long
    Dim hCurKey As Long
    If Not IsEmpty(Default) Then
    If VarType(Default) = vbArray + vbByte Then
    GetRegByte = Default
    Else
    GetRegByte = 0
    End If
    Else
    GetRegByte = 0
    End If
    lRegResult = RegOpenKey(hKey, strPath, hCurKey)
    lRegResult = RegQueryValueEx(hCurKey, strValueName, 0&, lValueType, ByVal 0&, lDataBufferSize)
    If lRegResult = ERROR_SUCCESS Then
    If lValueType = REG_BINARY Then
    ReDim byBuffer(lDataBufferSize - 1) As Byte
    lRegResult = RegQueryValueEx(hCurKey, strValueName, 0&, lValueType, byBuffer(0), lDataBufferSize)
    GetRegByte = byBuffer
    End If
    Else
    'there is a problem
    End If
    lRegResult = RegCloseKey(hCurKey)
    End Function

    Public Function SaveRegByte(ByVal hKey As RegHive, ByVal strPath As String, ByVal strValueName As String, byData() As Byte)
    Dim lRegResult As Long
    Dim hCurKey As Long
    lRegResult = RegCreateKey(hKey, strPath, hCurKey)
    lRegResult = RegSetValueEx(hCurKey, strValueName, 0&, REG_BINARY, byData(0), UBound(byData()) + 1)
    lRegResult = RegCloseKey(hCurKey)
    End Function

    Public Function CopyRegByte(ByVal From_hKey As RegHive, ByVal From_strPath As String, _
    ByVal From_strKeyName As String, ByVal To_strPath As String, _
    Optional ByVal To_hKey As RegHive, Optional ByVal To_strKeyName As String)

    If To_hKey = 0 Then
    To_hKey = From_hKey
    Else
    To_hKey = To_hKey
    End If
    If To_strKeyName = "" Then
    To_strKeyName = From_strKeyName
    Else
    To_strKeyName = To_strKeyName
    End If

    Dim mybytes As Variant
    mybytes = GetRegByte(From_hKey, From_strPath, From_strKeyName)
    thelen = UBound(mybytes)
    Dim x() As Byte
    ReDim x(thelen)
    For i = 0 To UBound(mybytes)
    x(i) = mybytes(i)
    Next i
    rslt = SaveRegByte(To_hKey, To_strPath, To_strKeyName, x)
    End Function

    Public Function CopyRegString(ByVal From_hKey As RegHive, ByVal From_strPath As String, _
    ByVal From_strKeyName As String, ByVal To_strPath As String, _
    Optional ByVal To_hKey As RegHive, Optional ByVal To_strKeyName As String)

    If To_hKey = 0 Then
    To_hKey = From_hKey
    Else
    To_hKey = To_hKey
    End If
    If To_strKeyName = "" Then
    To_strKeyName = From_strKeyName
    Else
    To_strKeyName = To_strKeyName
    End If

    Dim mystring As String
    mystring = GetRegString(From_hKey, From_strPath, From_strKeyName)
    rslt = SaveRegString(To_hKey, To_strPath, To_strKeyName, mystring)

    End Function

    Public Function CopyRegLong(ByVal hKey As RegHive, ByVal From_strPath As String, _
    ByVal From_strKeyName As String, ByVal To_strPath As String, _
    Optional ByVal To_hKey As RegHive, Optional ByVal To_strKeyName As String)

    If To_hKey = 0 Then
    To_hKey = From_hKey
    Else
    To_hKey = To_hKey
    End If
    If To_strKeyName = "" Then
    To_strKeyName = From_strKeyName
    Else
    To_strKeyName = To_strKeyName
    End If

    Dim mylong As Long
    mylong = GetRegLong(From_hKey, From_strPath, From_strKeyName)
    rslt = SaveRegLong(To_hKey, To_strPath, To_strKeyName, mylong)

    End Function
    Public Function GetRegSubKeyList(ByVal hKey As RegHive, ByVal strPath As String)
    On Error Resume Next
    Dim lResult As Long, lKeyValue As Long, lDataTypeValue As Long, lValueLength As Long
    Dim sValue As String, td As Double, i As Long, Ret As Boolean, tmprst()
    Do Until Ret = True
    lResult = RegOpenKey(hKey, strPath, lKeyValue)
    sValue = Space$(2048)
    lValueLength = Len(sValue)
    lResult = RegEnumKey(lKeyValue, i, sValue, lValueLength)
    If (lResult = 0) And (Err.Number = 0) Then
    ReDim Preserve tmprst(i)
    tmprst(i) = Left$(sValue, InStr(sValue, Chr(0)) - 1)
    Else
    Ret = True
    End If
    lResult = RegCloseKey(lKeyValue)
    i = i + 1
    Loop
    GetRegSubKeyList = tmprst
    End Function
    [/blue]
    and also when i send the trojan to do it's work how do i no the victims ip or if i send it to a person through msn can i find out then but i really dont want to do that cos they no where they get the virus from so really all i want is to no how i get the users ip
    from
    mark


  • GideonOmegaGideonOmega Member Posts: 617
    : : : : : : : : I've got an interesting tutorial that show's the basics of vb trojans, if anyone is interested post and let me know.
    : : : : : : : :
    : : : : : : : :
    : : : : : : : :
    : : : : : : : :
    : : : : : : : : C:Dos
    : : : : : : : : C:Dos Run
    : : : : : : : : Run Dos Run
    : : : : : : : :
    : : : : : : : hi i have 3 questions really first one is
    : : : : : : : wot does this virus do i have made it but wot does it do
    : : : : : : : second question is
    : : : : : : : i have never compiled a project before does it just mean do standard package and deploment or do u do somthing different so u dont have to install it
    : : : : : : : and last question is do i compile them seperatly or together and also one more question how do u use it do i send one part to a target machine or wot
    : : : : : : : please help
    : : : : : : : thanks from
    : : : : : : : mark
    : : : : : : :
    : : : : : : Hi m8, here's the answers:
    : : : : : : 1. It is not a virus. It is a trojan... The difference? A trojan does not spread itself, a victim has to open it. What it does: It grants you the ability to send the user a message, open his cd-tray or shut his computer down.
    : : : : : : The compiling is most easy:
    : : : : : : File --> Make project1.exe --> Choose the desktop for location and tadaa... There appears the program on the desktop
    : : : : : : The compiling should be done seperately, indeed. Compile the server part, and send this to the victim, and compile the client part, and use this as a tool to control the victim. Once you have compiled the server, you should make sure the victim opens it, or else you will not be able to control his pc...
    : : : : : :
    : : : : : : Hope this helps...
    : : : : : :
    : : : : : : EtHeO out...
    : : : : : :
    : : : : :
    : : : : :
    : : : : : didani is absolutly right, this is a very basic program ment only to give you the knowhow to design a better one your self.
    : : : : :
    : : : : : for those of you that have it, check out the registry api's you can add a simple bit of code that when the program executes it will right the reg key in so that it runs on start up, getting into it even more you can add more winsock controls or array them and then give yourself the ability to download files off of the victim or to transfer files yourself to the victem and then execute shells to load the newly tranfered programs, and for the truly dedicated programmers you can make it so that it will spawn copys of itself(this will most likly require the trojan to download an exe of itself or to have one extra one included under a different name - that does not however make it a virus as it does not infect any files it only does what you tell it to do..
    : : : : :
    : : : : : on a side note the one that I finaly developed (not quite finished yet) funny enough is detected as a virus by mcaffe.
    : : : : :
    : : : : : hope that helps everyone looking into it.
    : : : : :
    : : : : : just remember the source in the tut really does nothing important at all you will need to expand apon it greatly to do anything worth while.
    : : : : : [blue]
    : : : : : C:Dos
    : : : : : C:Dos Run
    : : : : : Run Dos Run
    : : : : : [/blue]
    : : : : :
    : : : : hi i am new to vb so i need as much help as i can get soz if the questions where stupid sorry bout that but wot is the vb code for the reg key or where could i find it out
    : : : : from
    : : : : mark
    : : : :
    : : :
    : : :
    : : : don't worry about it, your not going to know unless you ask right. as for the reg code, I'll try to dig it up and post it, or your can try to search for "registry API's" on google or on some vb programming site.
    : : : [blue]
    : : : C:Dos
    : : : C:Dos Run
    : : : Run Dos Run
    : : : [/blue]
    : : :
    : : thanks mate i will for it as weell and could u look aswell please then if any of us find sumthing post it on here ok thaks
    : : from
    : : mark
    :
    : Hi all i managed to find sum code all u do is put it in a module
    : here it is
    : [blue]
    : Enum RegHive
    : HKEY_CLASSES_ROOT = &H80000000
    : HK_CR = &H80000000
    : HKEY_CURRENT_USER = &H80000001
    : HK_CU = &H80000001
    : HKEY_LOCAL_MACHINE = &H80000002
    : HK_LM = &H80000002
    : HKEY_USERS = &H80000003
    : HK_US = &H80000003
    : HKEY_CURRENT_CONFIG = &H80000005
    : HK_CC = &H80000005
    : HKEY_DYN_DATA = &H80000006
    : HK_DD = &H80000006
    : End Enum
    :
    : Enum RegType
    : REG_SZ = 1 'Unicode nul terminated string
    : REG_BINARY = 3 'Free form binary
    : REG_DWORD = 4 '32-bit number
    : End Enum
    :
    : Public Const ERROR_SUCCESS = 0&
    : Public Declare Function RegCloseKey Lib "advapi32.dll" (ByVal hKey As Long) As Long
    : Public Declare Function RegCreateKey Lib "advapi32.dll" Alias "RegCreateKeyA" (ByVal hKey As Long, ByVal lpSubKey As String, phkResult As Long) As Long
    : Public Declare Function RegDeleteKey Lib "advapi32.dll" Alias "RegDeleteKeyA" (ByVal hKey As Long, ByVal lpSubKey As String) As Long
    : Public Declare Function RegDeleteValue Lib "advapi32.dll" Alias "RegDeleteValueA" (ByVal hKey As Long, ByVal lpValueName As String) As Long
    : Public Declare Function RegOpenKey Lib "advapi32.dll" Alias "RegOpenKeyA" (ByVal hKey As Long, ByVal lpSubKey As String, phkResult As Long) As Long
    : Public Declare Function RegQueryValueEx Lib "advapi32.dll" Alias "RegQueryValueExA" (ByVal hKey As Long, ByVal lpValueName As String, ByVal lpReserved As Long, lpType As Long, lpData As Any, lpcbData As Long) As Long
    : Public Declare Function RegSetValueEx Lib "advapi32.dll" Alias "RegSetValueExA" (ByVal hKey As Long, ByVal lpValueName As String, ByVal Reserved As Long, ByVal dwType As Long, lpData As Any, ByVal cbData As Long) As Long
    : Public Declare Function RegEnumKey Lib "advapi32.dll" Alias "RegEnumKeyA" (ByVal hKey As Long, ByVal dwIndex As Long, ByVal lpName As String, ByVal cbName As Long) As Long
    :
    : Public Function DelRegValue(ByVal hKey As RegHive, ByVal strPath As String, ByVal strValue As String)
    : Dim hCurKey As Long
    : Dim lRegResult As Long
    : lRegResult = RegOpenKey(hKey, strPath, hCurKey)
    : lRegResult = RegDeleteValue(hCurKey, strValue)
    : lRegResult = RegCloseKey(hCurKey)
    : End Function
    :
    : Public Function DelRegKey(ByVal hKey As RegHive, ByVal strPath As String) As Long
    : Dim lRegResult As Long
    : lRegResult = RegDeleteKey(hKey, strPath)
    : DelRegKey = lRegResult
    : End Function
    :
    : Public Function CreateRegKey(hKey As RegHive, strPath As String)
    : Dim hCurKey As Long
    : Dim lRegResult As Long
    : lRegResult = RegCreateKey(hKey, strPath, hCurKey)
    : If lRegResult <> ERROR_SUCCESS Then
    : 'there is a problem
    : End If
    : lRegResult = RegCloseKey(hCurKey)
    : End Function
    : Public Function GetRegString(hKey As RegHive, strPath As String, strValue As String, Optional Default As String) As String
    : Dim hCurKey As Long
    : Dim lResult As Long
    : Dim lValueType As Long
    : Dim strBuffer As String
    : Dim lDataBufferSize As Long
    : Dim intZeroPos As Integer
    : Dim lRegResult As Long
    : 'Set up default value
    : If Not IsEmpty(Default) Then
    : GetRegString = Default
    : Else
    : GetRegString = ""
    : End If
    : lRegResult = RegOpenKey(hKey, strPath, hCurKey)
    : lRegResult = RegQueryValueEx(hCurKey, strValue, 0&, lValueType, ByVal 0&, lDataBufferSize)
    : If lRegResult = ERROR_SUCCESS Then
    : If lValueType = REG_SZ Then
    : strBuffer = String(lDataBufferSize, " ")
    : lResult = RegQueryValueEx(hCurKey, strValue, 0&, 0&, ByVal strBuffer, lDataBufferSize)
    : intZeroPos = InStr(strBuffer, Chr$(0))
    : If intZeroPos > 0 Then
    : GetRegString = Left$(strBuffer, intZeroPos - 1)
    : Else
    : GetRegString = strBuffer
    : End If
    : End If
    : Else
    : 'there is a problem
    : End If
    : lRegResult = RegCloseKey(hCurKey)
    : End Function
    :
    : Public Function SaveRegString(hKey As RegHive, strPath As String, strValue As String, strData As String)
    : Dim hCurKey As Long
    : Dim lRegResult As Long
    : lRegResult = RegCreateKey(hKey, strPath, hCurKey)
    : lRegResult = RegSetValueEx(hCurKey, strValue, 0, REG_SZ, ByVal strData, Len(strData))
    : If lRegResult <> ERROR_SUCCESS Then
    : 'there is a problem
    : End If
    : lRegResult = RegCloseKey(hCurKey)
    : End Function
    :
    : Public Function GetRegLong(ByVal hKey As RegHive, ByVal strPath As String, ByVal strValue As String, Optional Default As Long) As Long
    : Dim lRegResult As Long
    : Dim lValueType As Long
    : Dim lBuffer As Long
    : Dim lDataBufferSize As Long
    : Dim hCurKey As Long
    : 'Set up default value
    : If Not IsEmpty(Default) Then
    : GetRegLong = Default
    : Else
    : GetRegLong = 0
    : End If
    : lRegResult = RegOpenKey(hKey, strPath, hCurKey)
    : lDataBufferSize = 4 '4 bytes = 32 bits = long
    : lRegResult = RegQueryValueEx(hCurKey, strValue, 0&, lValueType, lBuffer, lDataBufferSize)
    : If lRegResult = ERROR_SUCCESS Then
    : If lValueType = REG_DWORD Then
    : GetRegLong = lBuffer
    : End If
    : Else
    : 'there is a problem
    : End If
    : lRegResult = RegCloseKey(hCurKey)
    : End Function
    :
    : Public Function SaveRegLong(ByVal hKey As RegHive, ByVal strPath As String, ByVal strValue As String, ByVal lData As Long)
    : Dim hCurKey As Long
    : Dim lRegResult As Long
    : lRegResult = RegCreateKey(hKey, strPath, hCurKey)
    : lRegResult = RegSetValueEx(hCurKey, strValue, 0&, REG_DWORD, lData, 4)
    : If lRegResult <> ERROR_SUCCESS Then
    : 'there is a problem
    : End If
    : lRegResult = RegCloseKey(hCurKey)
    : End Function
    :
    : Public Function GetRegByte(ByVal hKey As RegHive, ByVal strPath As String, ByVal strValueName As String, Optional Default As Variant) As Variant
    : Dim lValueType As Long
    : Dim byBuffer() As Byte
    : Dim lDataBufferSize As Long
    : Dim lRegResult As Long
    : Dim hCurKey As Long
    : If Not IsEmpty(Default) Then
    : If VarType(Default) = vbArray + vbByte Then
    : GetRegByte = Default
    : Else
    : GetRegByte = 0
    : End If
    : Else
    : GetRegByte = 0
    : End If
    : lRegResult = RegOpenKey(hKey, strPath, hCurKey)
    : lRegResult = RegQueryValueEx(hCurKey, strValueName, 0&, lValueType, ByVal 0&, lDataBufferSize)
    : If lRegResult = ERROR_SUCCESS Then
    : If lValueType = REG_BINARY Then
    : ReDim byBuffer(lDataBufferSize - 1) As Byte
    : lRegResult = RegQueryValueEx(hCurKey, strValueName, 0&, lValueType, byBuffer(0), lDataBufferSize)
    : GetRegByte = byBuffer
    : End If
    : Else
    : 'there is a problem
    : End If
    : lRegResult = RegCloseKey(hCurKey)
    : End Function
    :
    : Public Function SaveRegByte(ByVal hKey As RegHive, ByVal strPath As String, ByVal strValueName As String, byData() As Byte)
    : Dim lRegResult As Long
    : Dim hCurKey As Long
    : lRegResult = RegCreateKey(hKey, strPath, hCurKey)
    : lRegResult = RegSetValueEx(hCurKey, strValueName, 0&, REG_BINARY, byData(0), UBound(byData()) + 1)
    : lRegResult = RegCloseKey(hCurKey)
    : End Function
    :
    : Public Function CopyRegByte(ByVal From_hKey As RegHive, ByVal From_strPath As String, _
    : ByVal From_strKeyName As String, ByVal To_strPath As String, _
    : Optional ByVal To_hKey As RegHive, Optional ByVal To_strKeyName As String)
    :
    : If To_hKey = 0 Then
    : To_hKey = From_hKey
    : Else
    : To_hKey = To_hKey
    : End If
    : If To_strKeyName = "" Then
    : To_strKeyName = From_strKeyName
    : Else
    : To_strKeyName = To_strKeyName
    : End If
    :
    : Dim mybytes As Variant
    : mybytes = GetRegByte(From_hKey, From_strPath, From_strKeyName)
    : thelen = UBound(mybytes)
    : Dim x() As Byte
    : ReDim x(thelen)
    : For i = 0 To UBound(mybytes)
    : x(i) = mybytes(i)
    : Next i
    : rslt = SaveRegByte(To_hKey, To_strPath, To_strKeyName, x)
    : End Function
    :
    : Public Function CopyRegString(ByVal From_hKey As RegHive, ByVal From_strPath As String, _
    : ByVal From_strKeyName As String, ByVal To_strPath As String, _
    : Optional ByVal To_hKey As RegHive, Optional ByVal To_strKeyName As String)
    :
    : If To_hKey = 0 Then
    : To_hKey = From_hKey
    : Else
    : To_hKey = To_hKey
    : End If
    : If To_strKeyName = "" Then
    : To_strKeyName = From_strKeyName
    : Else
    : To_strKeyName = To_strKeyName
    : End If
    :
    : Dim mystring As String
    : mystring = GetRegString(From_hKey, From_strPath, From_strKeyName)
    : rslt = SaveRegString(To_hKey, To_strPath, To_strKeyName, mystring)
    :
    : End Function
    :
    : Public Function CopyRegLong(ByVal hKey As RegHive, ByVal From_strPath As String, _
    : ByVal From_strKeyName As String, ByVal To_strPath As String, _
    : Optional ByVal To_hKey As RegHive, Optional ByVal To_strKeyName As String)
    :
    : If To_hKey = 0 Then
    : To_hKey = From_hKey
    : Else
    : To_hKey = To_hKey
    : End If
    : If To_strKeyName = "" Then
    : To_strKeyName = From_strKeyName
    : Else
    : To_strKeyName = To_strKeyName
    : End If
    :
    : Dim mylong As Long
    : mylong = GetRegLong(From_hKey, From_strPath, From_strKeyName)
    : rslt = SaveRegLong(To_hKey, To_strPath, To_strKeyName, mylong)
    :
    : End Function
    : Public Function GetRegSubKeyList(ByVal hKey As RegHive, ByVal strPath As String)
    : On Error Resume Next
    : Dim lResult As Long, lKeyValue As Long, lDataTypeValue As Long, lValueLength As Long
    : Dim sValue As String, td As Double, i As Long, Ret As Boolean, tmprst()
    : Do Until Ret = True
    : lResult = RegOpenKey(hKey, strPath, lKeyValue)
    : sValue = Space$(2048)
    : lValueLength = Len(sValue)
    : lResult = RegEnumKey(lKeyValue, i, sValue, lValueLength)
    : If (lResult = 0) And (Err.Number = 0) Then
    : ReDim Preserve tmprst(i)
    : tmprst(i) = Left$(sValue, InStr(sValue, Chr(0)) - 1)
    : Else
    : Ret = True
    : End If
    : lResult = RegCloseKey(lKeyValue)
    : i = i + 1
    : Loop
    : GetRegSubKeyList = tmprst
    : End Function
    : [/blue]
    : and also when i send the trojan to do it's work how do i no the victims ip or if i send it to a person through msn can i find out then but i really dont want to do that cos they no where they get the virus from so really all i want is to no how i get the users ip
    : from
    : mark
    :
    :
    :


    I'm not sure if a simple ping will detect the open port on the victim or not, I'm not that familier with how a ping works on the reciving side, you could always have it listen on a certain port and responsed back, then do a sweep on that port, only problem is dynamic IP's - one other option would be to have the program check the IP every so often and send it some where so you can retrive it later.
    [blue]
    C:Dos
    C:Dos Run
    Run Dos Run
    [/blue]

Sign In or Register to comment.