Remote Administration Trojan's
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
computer science crazy
Super Moderator

Posts: 3,048
Joined: Dec 2008
22-09-2008, 09:42 AM


The Remote Administration Trojans, also known as RATs are the most popular type of Trojans today. This type of Trojan allows the creator or who ever is using it to gain access to victims are there and perform many functions on their computer. These RATs are very easy to use, coming in a package of two files a server file and a client file. If you can get a chance to run the server file, resulting in obtaining his/her IP address, you will gain full control over their computer. These Trojans can also be bind into other programs which seem to be justifiable.

Remote Administration Trojans in a general sense open a port on your computer and themselves to it. What they are really doing is making the server file listen to incoming connections and data come through these ports. Once some one runs their clime program and enters the victims IP address, the Trojan starts receiving commands from the attacker and runs them on the victim's computer.

The most common non-viral malware which acts as a virus and infects information is said to be a Trojan horse. The Trojan horse bears the name of some standard program.

A Trojan horse could be either:
1. An unauthorized instruction contained with in a legitimate program. These instructions perform functions unknown to the user.
2. A legitimate program that has been altered by the placement of unauthorized instructions within it.
3. Any program that appears to perform a desirable and function but that (because of unauthorized instructions with in it) performs functions unknown to the user.
These all instructions are unwanted to the user.

Under a restricted environment, (a restricted UNIX shell or a restricted Windows computer) malicious Trojans can't do much, since they are restricted in their actions. But on an ordinary PC, Trojans can be lethal and quite destructive.

Most windows Trojans hide from the Alt+Ctrl+Del menu. (We haven't seen any program that had the ability to hide itself from the processes list yet, but you can know-one day some one might discover a way to do so.) This is bad because there are people who use the task list to see which process are running .There are programs that will tell us exactly what process are running on your computer.

Also some Trojans might simply open an FTP server on your computer (usually NOT PORT 21, the default FTP port, in order to be less noticeable). The FTP server is, of course passworded, or has a password which the attacker has determined, and allows the attacker to download, upload and execute files quickly and easily.
Use Search at wisely To Get Information About Project Topic and Seminar ideas with report/source code along pdf and ppt presenaion
Active In SP

Posts: 291
Joined: Apr 2010
07-04-2010, 12:46 AM

Refer this pdf for further details :

.pdf   remote administration trojans(RAT).pdf (Size: 505.29 KB / Downloads: 259)
Use Search at wisely To Get Information About Project Topic and Seminar ideas with report/source code along pdf and ppt presenaion
project report helper
Active In SP

Posts: 2,270
Joined: Sep 2010
22-09-2010, 02:38 PM

More Info About Remote Administration Trojan's

Active In SP

Posts: 1,124
Joined: Jun 2010
29-09-2010, 10:07 AM

.docx   RAT.docx (Size: 119.44 KB / Downloads: 102)
Remote Administration Trojans (RATs)

Remote Administration Trojans (RATs) are malicious pieces of code often embedded in legitimate programs through RAT-fiction procedures . They are stealthily planted and help gain access of victim machines, through patches, games, E-mail attachments, or even in legitimate-looking binaries . Once installed, RATs perform their unexpected or even unauthorized operations and use an array of techniques to hide their traces to remain invisible and stay on victim systems for the long haul. For instance, RAT-ified versions of programs UNIX ps and Windows taskmgr.exe keep RATs from appearing in the list of active processes; moreover, by modifying system configurations including the boot-scripts and the Registry database, RAT-binaries often survive system reboots or crashes. A typical RAT consists of a server component running ∗Correspondence to: Zhongqiang Chen Contract/grant sponsor: European Social Funds and National Resources Pythagoras Grant & Univ. of Athens Research Foundation; contract/grant number: - ZHONGQIANG CHEN, PETER WEI AND ALEX DELIS on a victim machine and a client program acting as the interface between the server and the attacker. The client establishes communications with its corresponding server as soon as the IP address and port of the latter become available through feedback channels such as Email, Instant Messaging and/or Web access . While interacting with a RAT server, an attacker can record keystrokes, intercept passwords, manipulate file systems, and usurp resources of victim systems. By continually changing their name, location, size, and behavior, or employing information encryption, port hopping and message tunneling for its communications, RATs may elude the detection of security protection systems such as firewalls, anti-virus systems (AVs), and intrusion detection/prevention systems (IDSs/IPSs). Once bound to legitimate programs, RATs in execution inherit a victim’s privileges and raise havoc; moreover, they launch attacks against other systems purporting themselves to be super users. RATs provide the ideal mechanism for propagating malware including viruses, worms, backdoors, and spyware. The number of RATs has been steadily increasing from in to in and their update rates are also impressive; just Sub Seven delivered versions in alone. The number of RAT infected machines is staggering: in % of security incidents in Korea were Trojan inflicted mostly by Back Orifice (BO) and in % of intrusions in Israel were due to Net Bus and BO. Pest Patrol reports that roughly % of all incidents are attributed to RATs. Compromised machines are often used as spring-boards for distributed denial of service attacks, further exacerbating the problem. The best option for avoiding RATs is to verify every piece of software before installation using a-priori known program signatures . This, however, becomes impractical as a comprehensive database of known program signatures is unavailable and RATs are frequently delivered via multiple channels such as patches, attachments, file sharing, or simply Web-site accessing. The polymorphic nature and parasitic mechanisms of RATs render their identification a challenge even if we seek specific and known types of Trojans . Host- and network-based techniques have been widely employed by firewalls, AVs and IDSs/IPSs to detect and block RATs . Static fingerprinting is the predominant method in host-based RAT detection where unique facets of Trojans are extracted to establish a Trojan Database, which entails file names, sizes, locations, checksums, and special patterns in RATs . By periodically scanning every file in a system and matching fingerprints against those in the established database, RATs can be revealed. In addition, monitoring the access of files in the startup folder, registries, auto start files, and configuration scripts of a system is another popular host-based technique that helps identify suspicious activities. Network-based methods follow a different philosophy as they examine both the status and activity on TCP/UDP ports to determine any deviation from expected network usage. Abnormal behavior and/or malformed network messages can be detected by monitoring port access patterns and/or analyzing protocol headers of packets exchanged among systems. Similar to host-based methods, unique RAT-manifested telltale patterns in network communications are exploited as signatures to distinguish malicious traffic . Clearly, the RAT detection accuracy of host- and network-based methods depends on the quality of the Trojan database and signatures used; the latter can be easily obfuscated by attackers using an array of evasion techniques. In this paper, we propose a comprehensive framework for detecting and dealing with known Rats which employs network-based detection methods and operates in inline mode to inspect and manipulate every passing packet in real-time. Our objective is to enhance the reliability and accuracy of the detection process in comparison with existing anti-Trojan options. To track suspicious RAT activities, our framework monitors network sessions established by both potential Trojans and normal applications, records and maintains state information for their entire lifetime; furthermore, this information is archived even after a session has terminated in order to conduct stateful inspection, intra-session data fusion, and inter-session correlation.

seminar class
Active In SP

Posts: 5,361
Joined: Feb 2011
02-05-2011, 11:34 AM

Rajeev Kumar

.ppt   remote administration trojan's.ppt (Size: 1.93 MB / Downloads: 92)
 Remote administration trojans are the malicious pieces of code often embedded in legitimate progam performing the functions which the users don’t want to perform.
 RATs generally resemble the program that the user wishes to run.
 It is used to connect and manage multiple computers remotely.
 Trojan horses are named after the Greek’s gifting a huge wooden horse to the Troy that housed the soldiers who emerged in the night and attacked the city.As it is remotely administrated so it has been named as RATs.
 RATs work as client-server pairs.server resides on the infected machine and client resides elsewhere across the network.
 Using standard TCP/IP protocols,the client sends instructions to the server and the server does what it is told to do on the infected computer.
 RATs install themselves and starts showing their effects.
 RATs can generally do the following:-
 Download,upload,delete and rename files
 Format drives
 Open CD-ROM tray
 Drop viruses and worms
 Log keystrokes
 Hack passwords,credit card no.
 Print text,play sound.
Active In SP

Posts: 1
Joined: May 2012
22-05-2012, 10:12 PM

where is the ppt of remote administration using mobile ?????????????????
seminar ideas
Super Moderator

Posts: 10,003
Joined: Apr 2012
23-05-2012, 10:06 AM

to get information about the topic "Remote Administration Trojan's" full report ppt and related topic refer the link bellow



Important Note..!

If you are not satisfied with above reply ,..Please


So that we will collect data for you and will made reply to the request....OR try below "QUICK REPLY" box to add a reply to this page

Quick Reply
Type your reply to this message here.

Image Verification
Please enter the text contained within the image into the text box below it. This process is used to prevent automated spam bots.
Image Verification
(case insensitive)

Possibly Related Threads...
Thread Author Replies Views Last Post
  Controlling Remote Desktop pdf seminar projects maker 0 242 26-09-2013, 01:03 PM
Last Post: seminar projects maker
  Remote-Controlled Home Automation Systems with Different Network Technologies Report study tips 0 318 12-06-2013, 04:52 PM
Last Post: study tips
  ppt on Remote Display solutions for mobile cloud computing study tips 0 456 07-06-2013, 03:28 PM
Last Post: study tips
  Computer Administration seminar tips 0 265 23-02-2013, 03:18 PM
Last Post: seminar tips
  Remote Login: Telnet PPT study tips 0 438 15-02-2013, 10:05 AM
Last Post: study tips
  To study Remote procedure call i.e RPC protocol study tips 0 467 14-02-2013, 12:52 PM
Last Post: study tips
  Remote WAP Report project girl 0 473 01-02-2013, 04:06 PM
Last Post: project girl
  Introduction to Remote Sensing & GIS PPT project girl 0 540 01-02-2013, 12:00 PM
Last Post: project girl
  Cyborg Beetles: The Remote Radio Control of Insect Flight pdf project girl 0 402 28-01-2013, 03:17 PM
Last Post: project girl
  Addressing the Secure Platform Problem for Remote Internet Voting in Geneva pdf project girl 0 314 21-01-2013, 02:59 PM
Last Post: project girl