[ Certified Ethical Hacker v10 ] :: [ Chapter 10 ] :: Trojans, Backdoors, Viruses and Worms

This entry is part 18 of 30 in the series [ Certified Ethical Hacker Training ]

Chapter 10: Trojans and Other Attacks

Trojans and Backdoors

These aren’t really the same, they just get discussed under the same heading.

Famous Trojans

  • Neverquest Trojan (banking)
  • ZeuS
  • Mirai (IoT)

The Simplest Backdoor of All Time

Create a listener (-l) on the victim:

nc -l -p 5555

Then connect to the victim by IP address on the listening port:

nc <ip_address> -p 5555

Build Your Own Trojan

  • Trojan Horse Construction Kit
  • IExpress.exe (a wrapper)


  • Boot sector
  • Shell
  • Cluster
  • Multipartite
  • Macro
  • Polymorphic code
  • Encryption
  • Metamorphic
  • Stealth
  • Cavity
  • Sparse infector
  • File extension

Famous Virii

  • WannaCry (ransomware)
  • Cryptolocker
  • Petya

‘Tox’ Offers Free build-your-own Ransomware Malware Toolkit

“Tox, which runs on TOR, requires not much technical skills to use and is designed in such a way that almost anyone can easily deploy ransomware in three simple steps, according to security researchers at McAfee who discovered the kit.”


Scripts for Script Kiddies


Script Kiddie Virus Kits

There are a lot of these, and some are mentioned in the CEH exam. For instance:

Creating a Virus in Python:


Worms don’t need no steenkin’ user interaction.

Famous Worms


netstat -an

netstat -b

Process Explorer and Autoruns




“Sheepdip system”

Session Hijacking

see https://schoolforhackers.com/certified-ethical-hacker-v10-session-hijacking/

Evading Anti-Malware

  1. Break the malware file into multiple pieces. Zip them up together.
  2. Change the syntax (eg. EXE to VB)
  3. Change the file extension
  4. Alter the malware file in a hex editor
  5. Encrypt the malware
  6. Wrap the malware

Wrapping Malware

These tools “wrap” an executable (exe, bat, or whatever) into a self-extracting archive that auto-runs a malware implantation.



IExpress, built right into Windows:


Painful Computer Pranks




Series Navigation<< [ Certified Ethical Hacker v10 ] :: [ Chapter 9 ] :: Hacking in the Cloud[ Certified Ethical Hacker v10 ] :: [ Chapter 10 cont’d] :: Denial of Service >>