Skip to content

Netbus – my first Trojan Horse

The first time I saw a Trojan Horse it was a little Script Kiddy tool name NetBus.

Netbus was a little tool that had two parts:

1. a client software that I could run on my computer as the “attacker”.

2. a server software that I needed to trick the “victim” to run on his computer.

The server was a file called “Patch.exe” and was about 483KB. When the “Victim” launch the server It seems that it isn’t doing anything but that was not the case.

The netbus server started on the cmputer and open tcp port 12345 for business.

The attacker had a control software (this was the Client):

As you can see, most of the options are for playing around: Open CD-Rom, Swap mouse etc..

But there were some cool things you could do:

Start a program,Port redirection, Go to URL – all of those could give an experienced attacker a way to create backdoors into the victim’s company LAN.

Screen Dump, Get info, Listen, File Manager are all basic surveillance tools.

This was one of the parent of all modern attack software used by Cyber Crime Lords, Information Warefare soldiers and Cyber Terrorists today.

You can download this Trojan easily by searching its name (“netbus”) on google.

Posted in Trojans. Tagged with , , .

0 Responses

Stay in touch with the conversation, subscribe to the RSS feed for comments on this post.

Some HTML is OK


(required, but never shared)

or, reply to this post via trackback.