Anti-Trojan Software, is it possible?
blackhalo15
February 19th, 2004, 01:56 AM
Is it possible to make some kind of software that will destroy files on an attacker's machine? For example, let's say Bob wants to hack Jim. Bob tries to connect to Jim's computer using a "backdoor trojan virus" (I believe that's what they call it). Is it possible for Jim to write some program that will keep Bob from connecting to his machine, and in the process destroy the trojan that Bob tries to connect with, so that Bob wouldn't be able to use his little trojan doohickey on anybody else?
Sorry, but I'm just curious. I'm just now starting to learn C#. I am very very very noobie. But I think it would be awesome if someone wrote a program that could do that :)
khp
February 19th, 2004, 08:47 PM
Well anything is possible, but for all intents and purposes the answer is no.
For Jim to do any harm to Bob's computer he would need to infect Bob's computer with a virus. Jim would have to be a much much better virus writer than Bob to make that happen, and since Bob has managed to infect Jim's machine this seems rather unlikely.
But there have been cases where people have created 'counter-viruses'. I think someone once wrote a program that could detect an attack from the MSSQL Slammer worm, connect to the attacking machine, using a backdoor opened by the MSSQL Slammer worm, and remove the virus from the attacking machine.
Of course one has to note that this is different from the scenario you suggested, because it was the attacker that was infected with a virus which had a backdoor, not the attacked.
> But I think it would be awesome if someone wrote a program that could do that
NO, this would be very very very bad, I cannot stress that enough. This has the potential to create far bigger problems than any virus ever created, since you don't know for sure if the attacker is a malicious person, or some innocent guy who has been infected with a virus.
Ejaz
March 17th, 2004, 05:05 AM
Interesting...
But I'm a little confused.
The purpose of a virus is primarily destruction, not hacking. To secure a system you can use Firewalls/Port Scanners/IDS (Intruder Detection Systems).
But to counter attack, you'll have to have some way to get inside the attacker's computer (IP & Port), and if I have to hack someone's computer, I'll be the world's top class fool to leave my own system exposed for any hacker/counter attacker to penetrate my system.
blackhalo15, I think if you provide a detailed scenario, then it would be easy to figure out some way; at this level it's pretty generic.
JMS
March 18th, 2004, 01:42 PM
Just a review of terms here...
Virus is any program which can replicate itself. That is copy itself to another machine by some means..
Trojan Horse is code which may or may not be inside the virus to do something either good or bad to the host machine...
Hacker is somebody who believes information and data should be free and sets about trying to make it so through intellectual means. Hacker isn't about snuffing out somebody's box necessarily.
Cracker is someone who is trying to strike out and or do bad things to folks. It's an intellectual pursuit and those who aren't intellectually armed are lambs to the slaughter..
Crack is a work around the protections built into a software system by the designers.
> Is it possible to make some kind of software that will destroy files on an attacker's machine?
Absolutely. It's the details of how you will identify that machine, how you will access that machine and finally exactly what you're going to destroy where the technical challenge exists. There isn't a generic answer to this. It would have to be based upon study of the infecting virus and the choices/exploits that virus writer used.
> to connect to Jim's computer using a "backdoor trojan virus"
A virus is a program which replicates itself. It's not a very accurate smart bullet if you're targeting a specific machine. So virus is probably the wrong word here. Trojan implies you have a program already installed on your target machine. Which is probably unlikely since the first you will have heard from him is when he messes with you. Backdoor is the contents of the Trojan. Typical backdoors implement ftp or telnet or even a web server so the hacker/cracker can log onto the infected machine. Again, won't be your approach. If you're using a program such as ZoneAlert.. you will be notified with perhaps an ip address. First you'll want to finger or do a whois on the IP to try to figure out to whom it belongs... If he's a cable modem user for example with dynamic ips this won't tell you much other than the modem company he's using. If he's in a company or has his own domain you might get lucky and be able to get his home phone number.
Then you'll need to try to connect to the ip address using different ports to see if the dude has any holes in his defenses.. an active web server perhaps.. a shared directory left open... dcom!!... That will determine how you try to gain access to his machine.. not preinstalled malicious software....
> and in the process destroy the trojan that Bob tries to connect with, so that Bob wouldn't be able to use his little trojan doohickey on anybody else?
First off the trojan you're trying to destroy would be on your machine and not his. Secondly the malicious software will usually listen on a given port and allow Cracker X to telnet into itself by connecting on that port. So cracker X doesn't need anything on his home box other than telnet to gain access to you after he's got your ip address which his virus provides.
anyway... keep thinking about it... good luck..
codeguru.com
Copyright Internet.com Inc., All Rights Reserved.