02-07-2014, 09:39 PM
Hi.
I want to show, why a antivirus will only protect you from programs that existed, and had a trojan or virus added later.
If a programmer, adds his malicious code from the beginning, no antivirus will detect it.
And this way you think your program is clean and doing what it should do, while infact its opening your entire pc to the world.
The program linked below, will open a telnet server at port 1337.
You can connect to it with telnet, or putty, and u will have direct access to the entire PC.
As you can see the program promises to make coffee for you, but in the background it will do something else, and u will never notice.
Now when we look at the virus total report :
I added the file, so you can try for yourself.
You can run it, connect to 127.0.0.1 at port 1337 and you will see that it will open a shell without any hesitation.
But the main thing i want you to do, is just scan it with your antivirus installed on your pc, and see for yourself.
(It wont add anything in your memory, and when you close the program, the telnet server is gone. this is only to prove my point why releases shouldnt be only checked with virustotal when they can open your pc wider then anything. Its written in C# so you can decompile it if you dont thrust me
)2