Trojan horse is a remote control program based on "client/server" mode. After the trojan horse server running on user's PC, it can open a specifical port or connect with trojan horse client or do other actions. In that way, we can control remote PC in the Internet. My research is a part of the Internet detection.This paper discuss correlative theoretics of trojan horse. And it particularly discuss DLL trojan horse start-up & trail hidden technique based on Windows 2000/NT. Many advanced techniques have been used in the experiment, such as 3DES and reverse ports etc. This paper puts forward del-itself technique and update-itself technique of trojan horse firstly. Based on that, I designed and actualized corresponding trojan horse.At the same time, Sthreads start-up used in virus is introduced to trojan horse start-up. And the designs of controlled virus-model trojan horse spread and DLL trojan horse based on SPI are put forward. |