Design and implement of thread inject Trojan horse
Abstract
With the rapid popularization of the Internet and the constantly development of its application, various kinds of hacker tools and Internet attack methods have also appeared. These attacks have seriously damaged the interests of the Internet users. Among these attacks, Trojan horse has been a rather popular one because of its extensive range of attack, the disguise for the self-protection and the enormous harmfulness. In Windows XP, the Trojan horse is injected into process Explorer, and then it creates a thread to listen at port 2048, which make it hard to find out. The Trojan horse will be copied to the systematic catalogue automatically after it is operated, and will be named as similar one of the systematic files, which make administrators dare not to delete the file easily among the numerous systematic file .The Trojan horse avoids antivirus software, fire wall’s alarm, the perception of the system manager and decrease probability of being detected Trojan horse. In this thesis, we firstly point out some basic ideas of the Trojan horse which includes its definition, principle, classification and the development trends. We introduce some techniques about its injecting, auto-loading, and its applications. The methods of its auto-running in windows operating system platform are also discussed in this paper, and the crucial fractions of its implement is presented。In this thesis, the author makes a key description on the design of a Trojan horse and implementation with Microsoft Visual C++. This thesis is lucubrated on the part of Trojan horse hiding.
Key words: Trojan horse;Thread inject;Hide; Back door