-
March 7th, 2003, 02:48 AM
#1
Junior Member
Back Orifice & Deep Throat
hi,
using Trojan Defense systems3 knock utility today. not sure if indicates active rat server. the tool scanned known ports for servers and indicates udp 31337 with a reply/result of zero (as opposed to forcefully rejected) and response for deep throat1 on udp 60000 reply/result of zero.
does anyone know where i can get a list of commands for both programs so i can interrogate this trojan/rat further??? all help appreciated.
grumpy in Los Angeles
-
March 7th, 2003, 03:35 AM
#2
Member
you might want to try www.cultdeadcow.com
sorry i wasnt very helpful
Hey there, chaps! Being mexican-american, I don\'t really think I have the racial background to say that...Oh well, visit our site at www.evilcorp.tk
Don\'t expect any content...for a few weeks!
-
March 7th, 2003, 10:33 AM
#3
Just remove the thing, and be sure not to pass the trojan on to anybody else.
HKEY_LOCAL_MACHINE/SOFTWARE/MICROSOFT/WINDOWS/CURRENTVERSION/RUN
is a good place to start looking. It will also be in your win.ini run=" .exe"
and your system32 proably. Won't be able to delete it however. Move to new folder, drop to command prompt only and deltree /y the file " .exe" yes that is a space in the file name.
This file will not show up in Windows task manager in early versions, and is named " .exe" by default.
quote:
does anyone know where i can get a list of commands for both programs so i can interrogate this trojan/rat further??? all help appreciated.
interrogating this rat is proably not a good idea. waste of time.
This is what happens when you play with script kiddie tools.
Your heart was talking, not your mind.
-Tiger Shark
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|