Sub7 is there a fake server?
Page 1 of 2 12 LastLast
Results 1 to 10 of 16

Thread: Sub7 is there a fake server?

  1. #1
    Senior Member
    Join Date
    Apr 2002
    Posts
    126

    Question Sub7 is there a fake server?

    before i get flamed, i've been looking for a while, and I can't seen to find the piece of software I require. (I guess I might have to write it)

    Does anyone know of any product that opens up the sub7 ports, and logs requests (Platform = Windoze 98se).

    It'd be a real bonus if it'd act like sub7 to keep the kiddies interested long enough to get some good evidence. ( a sub7 honey pot if you will)

    Obviously I don't want to have my CDROM drive opening and closing all the time so I can't use the real thing.

    If i'm onto a loser feel free to tell me.

    Regards

  2. #2
    Senior Member
    Join Date
    Mar 2002
    Posts
    238
    Please stop posting this.. this... this ****! Your a lamer, I dont mean to flame, but you really are. Being a hacker has nothing to do with sub7.

    1337-1337= you. Sorry bout this, but you'd have better luck at this link:

    www.google.com
    -{[ Joe ]}- (Joe@nitesecurity.com)
    http://www.nitesecurity.com

    [shadow]I\'m Just A Soldier In This War Against Ignorance.[/shadow]

  3. #3
    Senior Member
    Join Date
    Apr 2002
    Posts
    126

    Ooopsy

    Sorry, I'd better clarify.

    I don't want to install sub7 on a machine.

    All i want is a machine to sit and log sub7 requests, and maybe respond back (not action the requests), as if it was a sub7 server. (Without being sub7)

    my reasoning ....

    I administer a mid size network that has the hardware provided by a 3rd party.

    The 3rd party is hell to get routing logs etc from.

    Recently we've noticed that some of our machines have had sub7 server placed on them, and there is someone using it.

    All i want to do, is catch the person and at the same time gather enough evidence for a disiplinary.

    There's major kudos in this if i catch the person without calling in an outside agency.

    As I said .. If i'm onto a loser, please tell me, hell if there's a better way tell me.

    Berlieve me, i've tried google.com (amongst others)

  4. #4
    Senior Member
    Join Date
    Mar 2002
    Posts
    238
    Ok, sorry for the misunderstanding. Well, what I would do is run Norton Anti Virus on the system. When it detects sub-seven, you can view the logs. When it detects someone using it, meaning a new connection with a questionable file or the such, to a netstat-n on your system to see all the connections from different servers and systems.

    Oh, now I get it! You want a server that acts like one that is being influenced under sub7! I get it now! Anyway, what I think you should do is, maybe, open a direct connection with an IP address and send commands. For example, if your ip address was 1.1.1.1 you would go:

    Sub7 user: connect
    Then you: Connection to 1.1.1.2.

    Since you're already connected to his computer because he's using sub7 on you, there won't be a need to clarify IP addresses. You can run different commands on him, get a lot of system information, like HostName and IP address. Hope this helps.
    -{[ Joe ]}- (Joe@nitesecurity.com)
    http://www.nitesecurity.com

    [shadow]I\'m Just A Soldier In This War Against Ignorance.[/shadow]

  5. #5
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    http://packetstormsecurity.org/trojans/00Sub7_20.zip

    00[Sub]7 - The Ultimate SubSeven Logging Tool. Sets up a fake sub7 server on the default port which can send all sorts of false information to the client.

    theres a couple good ones at this site, that do some pretty funny **** like send a graphic of an fbi badge with the words 'your busted' on it, when the client requests a screen shot
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  6. #6
    Senior Member
    Join Date
    Mar 2002
    Posts
    238
    Thats an easier way.. use Tedob's way. I was just going technical.. obviously a little too technical and hands on... that seems funny, an FBI badge LoL
    -{[ Joe ]}- (Joe@nitesecurity.com)
    http://www.nitesecurity.com

    [shadow]I\'m Just A Soldier In This War Against Ignorance.[/shadow]

  7. #7
    Banned
    Join Date
    Apr 2002
    Posts
    14
    This is a AntiHacking site ... therefore better if you don't talk about trojans...

  8. #8
    System_Overload
    Guest

    Thumbs down

    What a stupid ****en question to ask..... Your a ****en wanker bofhandpfy... Why would you even want to ask a question about a dick sucking trojan? Im so ****en sick you little newbie lamers!!!

    System_0verload

  9. #9
    Senior Member
    Join Date
    Aug 2001
    Posts
    503
    Hmm...
    In my MOST humble opinion, there is nothing wrong with this thread except for the few people *cough* System_Overload *cough* who can't seem to understand what is trying to be asked. bofhandpfy is obviously looking for a honeypot for Sub7. That is not the trojan itself. It simply mimics the trojan and makes the kiddiot on the other end think that the trojan is working fine until *BAM* it blows up in their face. Again, there is nothing wrong with asking this question. I would understand why you lost your cool, System_Overload, if bofhandpfy had been asking for help using Sub7, but since he's not, go eat a cucumber or something.

    *sigh* Immaturity abounds. What a pity.
    God bless,
    --PhirePhreak
    I know you\'re out there. I can feel you now. I know that you\'re afraid. You\'re afraid of us. You\'re afraid of change. I don\'t know the future. I didn\'t come here to tell you how this is going to end. I came here to tell you how it\'s going to begin. I\'m going to hang up this phone, and then I\'m going to show these people what you don\'t want them to see. I\'m going to show them a world without you, a world without rules and controls, without borders or boundaries. A world where anything is possible. Where we go from there is a choice I leave to you.

  10. #10
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    there seems to be quit a few people comming in here, thinking this is an anti-hacking site. unless something has changed im not aware of, it is not.

    this is a pro security site. many of the folks here are involved in security/administration and some practice what they like to call "white-hat hacking".

    good hacking skills have always been respected here.

    its important that trojans and exploits be discussed inorder to make people aware of them. but as i said before, many are involved in security, and activly hate script kiddies. so if somebody comes here acting like one, their gonna get flammed, big time.

    if someone asks how kiddies get these things onto your system, how they work, how to detect them and protect against them, they'er going to get some helpful answers.

    on the other hand if somebody asks how do i put sub7 on my friends computer, let just say, it would be better if they didn't.
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides