Yesterday I was merrily reverse engineering the very popular Trojan SDBot. I was about 60% done when I found out that the source code of it is actually available online. Too bad, the next time I'll check that before I start debugging. The only good thing that came out of the wasted time is a little Java tool I wrote to communicate with SDBot.
It's a TCP server called RawSrv that can send and receive ASCII strings. That's often necessary due to the popularity of Trojans that communicate with their creator using an ASCII protocol (mostly IRC). I'm sure tools like that exist en masse (and way better) on the internet but I suffer from the not-built-here syndrome and it's time for another website update.
Click here to see a screenshot of me communicating with the dreaded SDBot!
Click here to download RawSrv (as always it includes the complete Java source code).
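
A line-oriented ASCII listener of the kind described above fits in a few dozen lines of Java. This is an added example, not RawSrv's source code: the class name `AsciiLineServer`, the default port 6667 and the loopback-only bind are assumptions made for an isolated analysis host.

```java
import java.io.*;
import java.net.*;
import java.nio.charset.StandardCharsets;

// Added example, not RawSrv's source. Class name, port and bind address are assumptions.
public class AsciiLineServer {
    // Render a line for the log: keep printable ASCII, escape everything else so that
    // control bytes from an untrusted peer cannot corrupt the terminal or the log file.
    static String printable(String s) {
        StringBuilder sb = new StringBuilder();
        for (char c : s.toCharArray()) {
            if (c >= 0x20 && c < 0x7f) sb.append(c);
            else sb.append(String.format("\\x%02x", (int) c));
        }
        return sb.toString();
    }

    public static void main(String[] args) throws IOException {
        int port = args.length > 0 ? Integer.parseInt(args[0]) : 6667; // assumed default
        // Bind to loopback only and accept a single client: the sample under analysis.
        try (ServerSocket srv = new ServerSocket(port, 1, InetAddress.getLoopbackAddress());
             Socket peer = srv.accept()) {
            System.out.println("[*] connection from " + peer.getRemoteSocketAddress());
            // ISO-8859-1 maps each byte to one char, so non-ASCII bytes survive to be escaped.
            BufferedReader in = new BufferedReader(
                new InputStreamReader(peer.getInputStream(), StandardCharsets.ISO_8859_1));
            Writer out = new OutputStreamWriter(peer.getOutputStream(), StandardCharsets.US_ASCII);
            // Reader thread: log every line the peer sends until it disconnects.
            Thread rx = new Thread(() -> {
                try {
                    String line;
                    while ((line = in.readLine()) != null)
                        System.out.println("<< " + printable(line));
                } catch (IOException e) {
                    System.out.println("[*] read ended: " + e.getMessage());
                }
            });
            rx.setDaemon(true);
            rx.start();
            // Main thread: forward each line typed on the console, CRLF-terminated as in IRC.
            BufferedReader console = new BufferedReader(new InputStreamReader(System.in));
            String typed;
            while ((typed = console.readLine()) != null) {
                out.write(typed + "\r\n");
                out.flush();
            }
        }
    }
}
```

Received lines are printed with a `<<` prefix, and any byte outside printable ASCII appears as a `\xNN` escape, which makes stray control characters in the peer's traffic visible instead of letting them reach the terminal.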