• Trojans are malicious pieces of
code used to install hacking
software on a target system
and aid the hacker in gaining
and retaining access to that
system. Trojans and their
counterparts are important
pieces of the hacker’s toolkit.
• Trojans is a program that
appears to perform a desirable
and necessary function but
that, because of hidden and
unauthorized code, performs
functions unknown and
unwanted by the user.
• Trojan generally consists of
two parts: a client component
and a server component. For
the Trojan to function as a backdoor, the server component has to be installed on the
• Server is part of the Trojan on the Victim’s Computer. It opens a port in the Victim’s
computer and invites the attacker to connect and administrate the computer.
• Client Trojan is the part of the Trojan on the Attacker’s computer. It tries to connect the
Victim computer and administrate the computer without the permission of the User.
• A wrapper is a program used to combine two or more executables into a single packaged
program. The wrapper attaches a harmless executable, like a game, to a Trojan’s payload,
the executable code that does the real damage, so that it appears to be a harmless file.
• Hackers use it to bind the Server part of the Software behind any image or any other file.
Some Famous Trojans
• Back Orifice
• Pest Trap
Modes of Transmission
• CD or DVD Autorun
• Pen Drive
• Shared Drives
• Awareness and preventive measures are the best defense against Trojans.
• Educate users not to install applications downloaded from the Internet and email
• Most commercial anti-virus products can automatically scan and detect backdoor
programs before they can cause damage.
• TCPView is a Windows program that will show you detailed listings of all TCP and UDP
endpoints on your system, including the local and remote addresses and state of TCP
• On Windows NT, 2000, and XP, TCPView also reports the name of the process that
owns the endpoint.