It all depends on how stealthy or what you actually want to accomplish. If you don't want the silly toys like opening CD/DVD trays or flipping a screen upside down (although very funny to do this to a friend or coworker), then KISS - Keep It Simple Stupid.
Something like netcat or the newer and stealthier cryptcat are still great for back doors and can be installed with SQL injection.
As for trojans, anything can be a trojan. You just simply have to trick the user into installing it while thinking it's something they want. So modern wrappers are good to attach backdoors to legit programs. Hell, you could make the logical argument that phishing is a form of trojan. Something to trick the victim into lowering their defenses long enough to let the bad guys in.
Just wanted to add to the conversation,
CISSP, MCSE, CSTA, Security+ SME