ICQ Trojan
(Backdoor.Win32.SPing.a)

by Falcon

more versions


Readme version A.5
Friday, May 29, 1998
ICQ Trogen.

There are two Win32 programs included with this zip. icqtrogen.exe and
icqclient.exe. This file tells how to demo the use for each of them.

Icqtrogen.exe
	Icqtrogen.exe is made to be placed in your icq folder and move
the real icq to icq2.exe. netdetect calls our icq and ours calls icq2
so the user can't see it. Also, my icq Trojan has NO user interface,
the only way to see it is to ctrl-alt-del and see if it around.  This
program opens a port and sits there lissing for a connection. The idea
is simmalar to TFTP.

Icqclient.exe
	Icqclient.exe is your client to login to icqtrogen.exe on a
remote computer. It uses a very high port number so not to set off
any bells on a network.  Its texted based as I didn't have time to do
a real UI right now.  Its really simple just type in:

icqclient 127.0.0.1
or 
icqclient <ip of remote computer> to log in to that IP if the above
daemon is running.

You can upload/download/exec/list files and its pretty fun if you can
write your own code to display a message and then run exe it.  :P If
your don't know programming just make a file called test.bat and put
this inside:

ECHO "Hey buddy"

And then just exe it just like normal.

Problems:
1) The client and daemon often page-fault during file transfers.
FIXED!

2) If you disconnect that is it till they restart icqtrogen.
3) No way of being told what the remote IP of the Trojan is.
FIXED put a host in database.sys and it will send a datagram to
server!
4) The client is hard to use and messes up with the char a lot.
FIXED! not pritty but is more useable!

I promise all these problems will be fixed soon. School is out in two
days and I will finally have some free time to play.  A nearly bug free
version with in a month. Promise.
-Falcon




Server:
size: 39 KB

port: 4950 TCP

MegaSecurity