XP Remote Admin Tool
Results 1 to 9 of 9

Thread: XP Remote Admin Tool

  1. #1
    AntiOnline Senior Medicine Man
    Join Date
    Nov 2001
    Posts
    724

    Question XP Remote Admin Tool

    So, I am a new user of the new win xp.I just got me a WinXp box about a month ago. Over all, I have been impresses by its GUI, and all the cool little features.Very user freindly, with out being painstakingly obnoxious. One lil section that gets me, is the administration tools folder. I havent got a real chance to play with it....but as it seems you can request a call for "assistence" and WINDOWS will accept RAT connections from a specified Ip address.

    Now, I have talked with some other Tech's up here, and the VERY few that have used this RAT, say that on the client side, you have just about every option you could imagine. You even get a screenshot every second or so. Windows even politly disables the server sides mouse and keyboard FOR you.
    How sweet.

    Question: How are these requests for assitence made?

    This I am sure could be easily exploited. I am sure a simple script could activate this "call for help". And just think the security hole it would create, if an evildoer created a worm that ran this script. Replicating itself over and over and over. Thousands, if not millions could be effected by this. Hopefully forcing Microsoft to release a patch. (Yeah Right)

    Question: Does .vbs work the same in Xp as it does in 98? Meaning can somone create a .vbs script in an HTML page and write somesort of assistence request program to there disk simply by clicking? Kinda like the "GodMesage" exploit.
    It is better to be HATED for who you are, than LOVED for who you are NOT.

    THC/IP Version 4.2

  2. #2
    Member
    Join Date
    Jan 2002
    Posts
    82
    I can't answer your question sorry but i would like to ad a little thing...
    It's installed in the default installation!
    A big trojan build in windows!

  3. #3
    Senior Member
    Join Date
    Feb 2002
    Posts
    856
    Hey Dr. Toker,
    I think normally there are a couple of ways the "call for assistance" is made. Either with an instant messaging program or by e-mail. The person wanting the assistance sends the person they want to invite an invitation by e-mail or instant messenger. This invitation includes a password that the person accepting the invitation must use. The inviter can also set a time limit on how long the invitation stays open. Where did you get your XP box? Mine is an HP and it came with a pre-loaded help section that tells how to use Remote Assistance and other stuff on the computer. You can also disable the Remote Assistance feature and make it impossible (afaik) for assistance invitations to be sent from your box. Believe me, I have! Hth
    For the wages of sin is death, but the free gift of God is eternal life in Christ Jesus our Lord.
    (Romans 6:23, WEB)

  4. #4
    Senior Member
    Join Date
    Jan 2002
    Posts
    218
    http://www.microsoft.com/windowsxp/p...st/default.asp

    try this link. also, i would likle to warn you that windows xp has numerous options that can exploited that are installed by default. it would be in your best interest to go through your system and disable these. yes it may look pretty but it is also very exploitable. m$ really screwed up by releasing it so fast without proper testing. be sure to check the patches and find any you think you need.

  5. #5
    Senior Member
    Join Date
    Feb 2002
    Posts
    856
    Yes to what VanEck said. You might want to go to the Windows Update site if you haven't. They have already released some patches for Windows Xp including the one for the Universal Plug and Play service. I also got a program from Steve Gibson's site http://www.grc.com called Unplug and Pray that can disable or reenable it at will. You might also want to disable NetBios if you haven't already. You probably already know this stuff though. But if you don't, reply or PM me and I'll try to tell you how.
    For the wages of sin is death, but the free gift of God is eternal life in Christ Jesus our Lord.
    (Romans 6:23, WEB)

  6. #6
    AntiOnline Senior Medicine Man
    Join Date
    Nov 2001
    Posts
    724

    Question Thanx Guys

    Thanks for all the info.......Preach, can you expand on your first post about the invitation to remote admin.


    Question: Does .vbs work the same in Xp as it does in 98? Meaning can somone create a .vbs script in an HTML page and write somesort of assistence request program to there disk simply by clicking? Kinda like the "GodMesage" exploit.
    It is better to be HATED for who you are, than LOVED for who you are NOT.

    THC/IP Version 4.2

  7. #7
    I think that it would Dr. Toker...somebody was asking me about RA....yes this could be quite exploitable. Not good

  8. #8
    Member
    Join Date
    Mar 2002
    Posts
    85
    I agree with preacherman481 about disabling netbios. Also YES vb scipts do execute on an xp box. Could be used to expoit your system. To fix that you can open up explorer and click tools/folder options. Then click on the file types tab. Scroll down untill you see .vbs and .vbe. By defalt you can see that these extentions are opened with the Microsoft windows base. If you cange the defalt action to edit, Notepad will be opened and your system is safe. You will be able to view the files befor you open them to make sure they are not expoits. This technique can be used with all scipting languages that interpite the windowd scipting host. I know that the DOD (department of defense) disables .wsc , .wsh , .ws , .wsf , .vbs , .vbe , .js , .jse.

    Hope this was helpfull.
    LATER-
    __________________________
    Computers make sense people
    DON\'T.

  9. #9
    AntiOnline Senior Medicine Man
    Join Date
    Nov 2001
    Posts
    724
    IT was more helpfull than you think. Thank you so ****ing much


    *Dr Toker rolls a joint and passes it to guru..
    It is better to be HATED for who you are, than LOVED for who you are NOT.

    THC/IP Version 4.2

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •