How to Make a Trojan Horse
Most of you may be curious to know about how to make a Trojan or Virus on your own. Well, here is an answer to your curiosity. In this, post I’ll show you how to make a simple trojan on your own using C programming language. This trojan when executed will eat up the hard disk space on the root drive (The drive on which the Windows is installed, usually C: Drive) of the computer on which it is run. Also, this trojan works pretty quickly and is capable of eating up approximately 1 GB of hard disk space for every minute it is run.
So, I’ll call this as Space Eater Trojan. Since this program is written using a high level programming language, it is often undetected by antivirus programs. The source code for this program is available for download at the end of this post. Let’s see how this trojan works:
Before I move on to explain the working of this program, you need to know what exactly is a Trojan horse and how it works. Unlike what many of us think, a trojan horse is not a virus. In simple words, it is just a program that appears to do a favorable task but in reality performs undisclosed malicious functions that allow the attacker to gain unauthorized access to the host machine or cause a damage to the computer.
Now lets move to the working of our Trojan:
The trojan horse which I have created appears itself as an antivirus program that scans the computer for malware programs. However, in reality it does nothing other than eating up the hard disk space on the root drive by filling it up with a huge junk file. The rate at which it fills up the hard disk space it too high. As a result, the the root drive gets filled up completely with in minutes of running this program.
Once the disk space is full, the trojan reports that the scan is complete. The victim will not be able to clean up the hard disk space using any of the cleanup program. This is because, the trojan intelligently creates a huge file in the Windows\System32 folder with the .dll extension. Since the junk file has the .dll extension it is often ignored by the disk cleanup software. Hence there is now way to recover the hard disk space other than reformatting the drive.
The algorithm of the Trojan is as follows:
Search for the root drive
Navigate to %systemroot%\Windows\System32 on the root drive
Create the file named “spceshot.dll“,
Start dumping the junk data onto the above file and keep increasing it’s size until the drive is full.
Once the drive is full, stop the process.
You can download the Trojan source code HERE. Please note that I have not included the executable for security reasons. You need to compile it to obtain the executable.
How to compile, test and fix the damage?
Compilation:
For step-by-step compilation guide, refer my post How to compile C Programs.
Testing:
To test the trojan, just run the SpaceEater.exe file on your computer. It will generate a warning message at the beginning. Once you accept it, the Trojan runs and eats up the hard disk space.
How to fix the damage and free up the space?
To remove the damage and free up the space, just type the following in the “run” dialog box:
Now search for the file “spceshot.dll“. Just delete it and you’re done. No need to re-format the hard disk.
Please pass your comments and tell me your opinion. I am just waiting for your comments…
You say with this program there’s no way to recover the disk space except by formatting the hard drive. Umm, can’t you just delete c:\windows\system32\spceshot.dll? Technically, this program wipes the free space on the drive. If you just add one more line of code that deletes the dll at the end, it would be a very useful privacy tool, preventing people from undeleting files.
I always think of trojans as being programs that allow the attacker to remotely issue commands to the victim. Like, open a port to bind a shell to, or regularly sending reverse shells somewhere, or something like that.
@ m0rebel
“there’s no way to recover the disk space except by formatting the hard drive” means, for a victim, without knowing the place where the file is dumped it is not possible to delete it. So there’s no other go for him unless formatting the drive. ie: If you know that the file is dumped is %systemroot%\system32 then it’s possible to delete the file and no need of formatting..
I like your work.. keep it up
Very Thanks…
I asked u a question
what is borlan c++
Hello. Is it possible for you to provide the code or program without the warning screen? It is part of the class I lead. You have worked with me before, on the “How to make a virus” post. Speaking of which, I came up with a way to make a program that does the exact same thing but does not use C++ programming. Thank you.
Hey can anybody tell me how to make this type of comment box Please….
Brother,would system restore utility be able to remove the Trojan from system.
@ Kapil Kaushal
System restore will restore all the settings of your PC to an earlier date. So this may remove the virus (if it is not fully spread). If the virus is spread then chances are low that it will be removed.
@ Poppernut
I have purposefully added this warning screen to avoid script kiddies from misusing it. However you can edit the source code and then recompile it to remove the warning…
Do you have a trojan that can keylogg the victims typed words and send it on a specific mail ID
IT is not working IF antivirus avast is installed
Do you have a trojan that can keylogg the victims typed words and send it on a specific mail ID….!!!!!!
can u tell me how to create such a virus that on opening any window, the comp will shut down?
srikant sir,
ihave problem regarding window 7beta earlier i installed in desktop but it is 30days trial pack. tell me thing how can i make it fully activate
u said dat it will dump junk data. my hdd is 160 G.B. will it be able to dump such huge amt of data & if at all it dumps wat sort of data will it dump? again after deleting the junk data will i be able to get my previously stored information?
@ avi
Yes the trojan can fill any amount of diskspace. But it’ll only fill the root drive(C:) not the whole harddisk. So, for example if your C: drive is 40 gb it’ll take a few minutes to fill up the space. Sure, you can get back your space by deleting the junk file.
boss i recently installed window 7 ultimate built7000 bt it is a trial pack of 30 days tell me the crack to make it completly full version
@ PIYUSH
Sorry, I do not provide links to cracks, keygens etc. You may find it yourself..
Hey,
I want to ask you why you opened explorer.exe in the code. Why Can not I open internet explorer after ? used your programme.
Sir! I am using Turbo C++ 3.0 by Borland International.
when i compile the codes and generate it i cannot change the icon of the . exe file using the IconChanger- “cannot change some icons”
whats the problem?
I want to learn how to hack plssssssss teach me!!………….. email me at [email protected] …………… i want to save life……..
nice codes..
@ darkterror
Turbo C++ 3.0 is 16-bit compiler. You need to use a 32-bit compiler (C++ 5.5 or higher)
@ ema
I opened explorer.exe to make sure it is the root drive..
tnx for the reply sir Srikanth but where i can download borland c++ 5.5 for free?
HOW TO CREATE THAT “spaceshot.dll” file….pls help me
@ darkterror
You can download it for free from Borland Website. Search on google for “Borland C++ 5.5″
thanx that was really a huge one……….
sir srikanth tnx for sharing your knowledge..
this site can help me to my programming skills
make some more codes for us.
tnx
hai sir
can we set a setting to a folder in such a manner that
when we open it, a c program’s .exe file runs and asks for a string to enter (password). can we set it please reply
guys i have the real gh0st rat hacking software .yesyesyesyesyessssssssssssssss
@ aditya
It is not possible to just set a folder to ask for password using a c program. We have to create a seperate project for that. Instead you can use some ready made programs available for password protecting files and folders.
thanks dear….
yaaar you are tooo great
hi srikant…please tell which line to delete from source code to avoid warning
After downloading… can you email the trojan horse and how do you get them to open it
@ sau
Deleting the warning part is left upto you. If you are good in C you’ll be able to do that with ease..
HELLO SRIKANTH
I M JATIN I WANT TO KNOW HOW TO OPERATE SOME ONE COMPUTER THROUGH IP ADDRESS ONLY (*I MNOT ASKING ABOUT TELNET LIKE TEEMVIWER OR SHOW MY PC AND LOGMEIN.MSC*)PLS MAIL ME ANSWER IS THIS POSSIBLE OR NOT
MY E MAIL ID IS -[email protected]
Thanks for the explanation bro. i have one question for you how can i see those binaries..wether its 8bit or whatever? dave compiler for c++ is not compiling it ive tried every possible way but its telling me something is wrong..so how do i proceed? am confused….Thanks for your time.
@ HUMPTYdUmPtY
Use Borland C++ 5.5 or newer to compile. All of my programs are designed for Borland C/C++ compiler. For other compilers you have to make modifications in the code.
Great work.keep it up…..
wooooow cooool stuf thanx man..
hi hackers i have problem that when i turn on my wifi in laptop it shows some networks the show that massage “secured wireless nework” and a lock logo on them.could u give me a solution or a trick to acesses
hellooo Dude
I read your artical & I think it is realy good man. but i have a problem u said that .dll file will not be deleted by disk clean up software’s. can u tell me why
@ Rishi Sangal
dll stands for Dynamic Link Library. dll files are usually system files and hence disk cleanup softwares never bother about them. They look only for junk files with extension .bak, .tmp etc.
how do you send it to someone?
can you remotely send it and have it automatically execute by itself?
@ doofus
You can send it by attaching it via email. But the remote user has to execute it, otherwise it’ll not execute on it’s own.
thank u for sharing ,i love your job
)
great!! m a bio student bt thanx2 ur easy language i grasped much ‘f ths..is thr ne size by which i cn sort the files in sys32..i.e does being of a large size (say 1.5~2 gb) guarantee a file being trojan..hw2 identify othrwise??
@ Rohit Kumar
It is better to scan the file using an antivirus to detect whether or not it’s a malicious file. However you can only suspect a file to be a virus/trojan if it’s too large. But theres no confirmation.
sir,
ma orkut acond hack some 1 how can i found him? he hak ma accond and change ma name and ma dp and he change ma addrs about mee
wat i do?
boss can u kindly tell me names of mobile hack softwaers and from where to get them
Hey plssssssss tell me how to create spceshot.dll file………I m creating folder….is this right or i have 2 create file…..if file than tell me how……?
You told in detail that how to create the trijan horse…
but please tell in shortcut way to remove it without formatting….
hi…..
i read ur topics
sure very cool
i like to know much more from you..
im a IT student
hello
got to ask something, bec when i was on friendster chatting someone is hacking me there, and i dont know what to do,?? can you help me how to prevent it from hacking me, and can you teach me on how to make a virus for his?her acct, and i want also to learn how to hacked.. thanks
hope you could help me,,
more power and god bless,,
and also i was wondering about what spy soft ware would keep out a trojan horse,please notafiy me soon,sinserly,mr.lander’s.
sir i would like know which file i should delete frm system32 dr r too many files
Didn,t work for windows 7 RC with AVG
HI BHAI, YAAR I WANT 2 HACK MY GF”S ORKUT ACCOUNT. IS IT POSSIBLE IF IT IS THEN TELL ME PLZ. IT IS THE QUESTION OF MY LOVE.
hi
i just want to know how do came to know about all this ? was it through experiment or through a book,please reply
hi sri……
2 delete the …warning message i hav edited the code n saved it…n then re compiled it..bt am nt gettin exe file….
i want 2 send the new exe file…without warnin message plzz help me…
@ john
Creating this trojan was totally my concept. I framed the algorithm and coded that in C.
Hey Srikant,
I made some changes in the above torjan and made it look like a kaspersky scanner.I changed the heading, the inner text and put the icon of kaspersky anti-virus on to it to make it look like an original kaspersky scanner and sent it to my dad for fun.But the kaspersky anti-virus of my dad’s computer displayed the following message:
The requested object is INFECTED with the following viruses: not-a-virus:FraudTool.Win32.Agent.ru
To have a look to the modified torjan visit the follwoing link:
But, when I tried to download the original torjan which you created, kaspersky didn’t display any warning.Can you tell me the reason for this?
@ Bill
The reason may be that you are using the name “KasperskyAntivirusscanner2009″ and you’re using the kaspersky icon. try changing the icon to someother antivirus.
marvelous. just in one read i undrstood the whole thing.keep posting articles like these. it will help beginners like us to make our hacking career bright and prosperous
Thanks for such good example, I tried it on my laptop just to see how it works. I need help with something else, can you tell me some program which I can use to convert this code to code in Delphi, does something like that exist.
Brother, thanks for all of ur instructions…
I am using Turbo C++ 4.5 and when i make an exe program with this, the exe program does not run saying that 16-bit MS Dos subsystem and gives the option of ignore or close..i’m using Vista 32-bit system…whether i have to use another compiler of 32-bit or something else…
Thank u in advance…
how to get the junk file or is it tht when u create spceshot.dll automaticlly the junk data gets added
plsss tell me
Sir i dot know c so can you provind the same source for c++
yes spaceshot itself acts as virus which is actually a junk file….keep in mind,it occupies the memory of the hard disk and fill it up…
visit my blog:[email protected] for WBUT informations…
can anybody plzz tell me whre can i get good blinders
really grt8 work man
this website very googd
i’m thanks of you
hi !!!! how to send a virus to cellphone using pc?????? can you plz tell me!!
I AM BEGINER IN THE FILED OF HACKING SO NEED THE COMPLETE BASIC KNWLEDGE OF HACKHING
very nice , sir………!
Grt work man
hyyyyyy yarr tumne ye sab khud sikha tha ya tumne bhi kisi se sikha lekin jo bhi ho tumne mera rasta aasan kardiya thanks.
EMAIL SECURITY »
How Do Email Spam Filters Work
If you are the one who works with emails on a daily basis, you are most likely to be using a SPAM FILTER to ease the job of sifting through a large number of spam emails …
HOW STUFFS WORK »
How Antivirus Software Works
Due to ever increasing threat from virus and other malicious programs, almost every computer today comes with a pre-installed antivirus software on it. In fact, an antivirus has become one of the most essential software package for every computer.
Even though every one …
HOW-TO GUIDES »
How to Use HOSTS File to Block or Redirect Unwanted Websites
The hosts file is one of the interesting and useful feature of both Windows and Linux operating systems that provides many handy options in addressing network nodes. For instance, you can use the hosts file …
INTERNET SECURITY »
How to Use HOSTS File to Block or Redirect Unwanted Websites
The hosts file is one of the interesting and useful feature of both Windows and Linux operating systems that provides many handy options in addressing network nodes. For instance, you can use the hosts file …
NETWORK HACKS »
Access Your Facebook Account with 3 Passwords
Did you know that you can login to your Facebook account using 3 different passwords? Seems interesting isn’t it? Yep! Unlike any other online account which has only one password to access, Facebook lets you …
Categories
I am the author and founder of GoHacking.Com. It all started in November 2007 as a small blog with just a few pages.
However, with the passage of time, the blog picked up more traffic and the response from the readers was also increased. This made me take up blogging more seriously.
You can read more about me or get in touch with me on Google+ or contact page.
Most Commented
Blogroll