Originally posted by MrBrent
I wish I was that good of coder.
You'll have to be WAY more than a coder, unless that term is being VERY general. See unless you have THEIR code and have THEIR access you will need to get around the security and try to encrypt the data to get around the network. Sure you have those FUD programs everyone knows about but a more complex network(I had a simple one, but more complex than average) will scan EVERY packet that is sent & received on the network, sure slows things down but makes it much harder to get by.
I tried attacking boxes on my own net a year ago by sending fake emails and links using the SE toolkit and then having an attachment with connection info that was encrypted that the target would download and be small enough that over time it would connect to my server with the malware, code, exploit etc and send it in small amounts back and forth. Like 30kb of code a minute, now I have slow internet so if I was scanning it would be OBVIOUS the incoming traffic wasn't a webpage and could be something else.
See instead of having it be one big code you can separate it to make it harder to detect for the average person(really not worth the time unless its a valuable targ)
Part 1 - Small file that someone will download or think its nothing and is decrypted to prevent an AVG detection. Contains connection info to your server with the rest of the code and some way to communicate back and forth. The BARE basics meaning only a way to connect, no transfers at this time.
Part 2 through ? - depending how big it is and what you want it to do, the next few parts might just be the code that tells each one to bond with the main box where the original file is and each will be delivered in small sizes with encryption and will eventually link and then be the final deal with what you want.
See you have to know more than coding. You need to know how to reverse things, write your own encryption security. AND MAKE IT GOOD. See some "hackers" get off more from taking out another hacker than simply finding their IP and ddosing them. Think about that mini part virus I was just trying to explain, if you sent that to many people but one found out and knew what he was doing he could reverse it(or simply track the traffic - another reason to hide it and keep it small, back to your server or box) If I get the connection info then I simply have access to you eventually and then I can root your server or do some whaling and get all your stolen data etc.
These things are complex. Good presentation as well. I hope that made sense as its hard for me to explain without getting too wordy.