[Tutorial/C#] Remote Administration Tool, Part 1, The Server.

[Chad]

Introduction
Hello, thank you for reading this tutorial. This tutorial is going to teach you the following information.

• What is a Trojan/Back Door/Remote Administration Tool (RAT)
• What kind of damage a Trojan/Back Door/Remote Administration Tool (RAT) can do.
• Basics of a Trojan Virus.
• How to make one in C# (Can be made in any language that allows TCP/Sockets)
• How to prevent one of these nasty little viruses.

What is a Trojan/Back Door/Remote Administration Tool (RAT)?
A Trojan Virus, also known as a Back Door and Remote Administration Tool (RAT for short), is a virus or other type of program that will allow another computer user to gain access to your computer with you knowing or without you knowing.

What kind of damage can a Trojan do to my computer?
There are typically two types of Trojans. There is a Trojan virus in which you download and have to execute, for it to take any effect, that allows someone to control your computer. There is also a Trojan Downloader that is a program much like a Trojan that downloads other viruses such as Key loggers, Password Stealing Programs, and other programs on your computer without you knowing.

Basics of a Trojan Virus
A Trojan Master (as I like to call them) basically sits on the computer and fiddles with his/her zombie army (Infected Computer Users). The more infected he has to control, the more powerful he/she gets. This Trojan Master, can DDOS Web Sites, DDOS Other Computers, Steal valuable information such as credit cards and passwords, and as well as do nothing. Many schools and companies have "Friendly" Trojans on their computers to monitor what students/employees are doing while on the computer.

How to make a simple multiple threaded Trojan in C#.Net
Seeing as this is the most pain staking process in this tutorial I shall attempt to make it in a video. I will also try to explain it via text and pictures as I much prefer video.

First off, what we want to do is create a new project for the server. It can be either a Console or a GUI application. In this tutorial I'm going to use a console for simplicities sake. If you want more functionality you can use a GUI. Now that we have our application all up and ready and with no coding aside from what they have already provided. We are going to start.

First off, what we want to add is a new Class in which we will start coding the TCP Server functions. We shall call this class, TCP. Yes, I am going to use TCP instead of sockets because I prefer it. Also, I might add, these are not going to be asynchronous (using 1 instance, 1 port, handling multiple clients at the same time) meaning it will not do those things in the brackets.



So, now we want to start coding the TCP_Server. Keep in mind this TCP Class will hold and maintain both the Client and the Server.
We want to get rid of all the coding in it except for the using statements. We are going to start working on the server. We will start by adding three using statements to the server.

PHP Code:

using System.Net;
using System.Net.Sockets;
using System.Threading; 


We are also going to code this class so it can be used for all projects. So let's code the base of the class file.

PHP Code:

public class TCPServer
{
} 


What this will do is allow other parts of the program to use this class and create an instance for it.

Now that we have the main base done, we are going to put the declarings that we are going to use in a region for organization.

PHP Code:

public class TCPServer
{
    #region Declarings
    TcpListener Listener;
    TcpClient Server = new TcpClient();
    NetworkStream netStream;
    #endregion
} 


What this does is when a new instance of the TCP Class is generated it will also create a new instance in which the Server and Client will use.

This is what you should have within the TCP Class so far.

So now what we want to do is have the Server listen for incoming connections on a specific port and IP. Usually on a local IP and a port that's not opened by other programs or used constantly. Try to avoid using these ports, 22, 23, 53 (I think), 80, and 8080. Always check to see if programs use a specific port because this can cause an error in the server and cause it not to function properly. What we are going to do is stick it in a thread making it multiple threading that way the program doesn't get stuck in that one specific loop causing everything else to be ignored until it gets out of the loop.

PHP Code:

    public void Listen()
    {
        Thread thread = new Thread(Listening);
        thread.Start();
    } 


Creates a new thread and starts it on the listening void in which we are just about to create.

PHP Code:

    private void Listening()
    {
       while(true)
        {
            Server = Listener.AcceptTcpClient();
            if (Server.Connected)
            {
                netStream = Server.GetStream();
                break;
            }
        }
    } 


Ok, what this does is it keeps the Server listening for connections and when it accepts one it will break out of the loop. This only allows one connection at a time. Not Asynchronous with multiple connections with one instance.

So now we should have something like this

PHP Code:

public class TCPServer
{
    #region Declarings
    TcpListener Listener;
    TcpClient Server = new TcpClient();
    NetworkStream netStream;
    #endregion

    public void Listen()
    {
        Thread thread = new Thread(Listening);
        thread.Start();
    }

    private void Listening()
    {
       while(true)
        {
            Server = Listener.AcceptTcpClient();
            if (Server.Connected)
            {
                netStream = Server.GetStream();
                break;
            }
        }
    }
}