PDA

View Full Version : Prorat detected



volcom
12-31-2007, 11:21 AM
Hey if i send a trojan in a zip attached to a picture to some* their virusscan won't let it open the zip file so its actually impossible to hack em , and i tried to put their virus scan off but ofcourse they won't do it.any * got something for me so their virusscan won't notice it?

Grtz volcOm

proratter
12-31-2007, 11:36 AM
Hey does anyone know where I can get the prorat SE or else a patch to upgrade it?

urgent
thanks

coz
12-31-2007, 10:42 PM
I'll probably be able to post the ProRat v*.* Special Edition Undetectable tomorrow. However I'm not sure if I should post it or email to to people because if I post it more AV companies will be likely to find and add it to their signature database.

Volcom - Its normal for their AV to pick up your trojan. Being a zipped trojan does absolutely nothing to evade an AV scanner. Evan commercial programs that are used protect, scramble, and shrink files cannot fool AVs most of the time. In order to fool someone you should start with something undetectable by most AVs then begin hiding its look. If your trying to say its a game, change the icon to a game icon and bind it to a game. You know, something like that. I don't really have much experience with this stuff buts its how I would go about it. To use things to shutdown a firewall or Av would take a lot of testing before I would use it. It would also really help a lot to know what AV they use. That way you only have to pass that one anti-virus scanner not a dozen commonly used ones.

volcom
01-01-2008, 06:39 AM
ok ty but that special edition whats the different with the normal edition is it undetected,are the trojans undetected???

coz
01-01-2008, 05:11 PM
Honestly there isn't much different. There is a lot I could say about the program but I can't be *00% right on everything. The program is basically a shit load of other peoples work. Its a mass of programs into one. You can actually, with a PE Editor, sit there and extract each exe and dll from the file that it uses, go to the authors site and download the same thing. Most of the software inside are also packed with things like UPX and PC Crypter (I think that was it). It uses common programs to protect the server.exe file such as FSG (a packer/protecter) but I found it weird to use exe2vbs. Not really sure how that works yet. They used other peoples demo versions of libraries and software such as the ftp server and proconnect. And when I compared the special edition server with the public server there were several differences. But the changes didn't seem important. They make it so you cannot hex edit the server by adding a crc checksum because I think thats all they do. Anyway I don't think it makes a undetectable server at all. At one time it might of. I could be missing something though. The one downloader clearly looked hex edited to remove the ProRat text but I can't say for sure.

Anyway on the server deal, I will probably to get it undetectable today but no promises. Because of that CRC check and not knowing what everyone would want theirs to do I don't know if it will happen. If it does I will post back.