-
January 5th, 2006, 12:19 PM
#1
Banned
stealth application
can someone help me make a app that isn't visible in the task manager or the app can't be killed
i need it to start netcat with some options
-
January 5th, 2006, 01:08 PM
#2
Hi,
I'm not sure what your intentions are, but they don't look too good from my end... Anyway, here's a snippet from a blog I found:
From blogs.msdn.com/oldnewthing
Programs can try to make themselves more difficult to kill (deny PROCESS_TERMINATE access, deny PROCESS_CREATE_THREAD access so people can't CreateRemoteThread(EndProcess), deny PROCESS_VM_WRITE so people can't scribble into your stack and make you doublefault, deny PROCESS_SUSPEND_RESUME so they can't suspend you), but eventually you just can't stop them from, say, elevating to Debug privilege, debugging your process, and moving EIP to "ExitProcess".
While that is how to make it difficult to quit, I'm sure that if you contact the authors of one of these keyloggers they might tell you the tricks of the trade.
-jk
-
January 5th, 2006, 01:20 PM
#3
night117
For a first post, that was not too subtle huh?
Try looking at the Sony rootkit software?...............you get a free music CD with every copy
Then you have to figure out how to re-engineer it to your requirements.
-
January 6th, 2006, 12:07 PM
#4
Banned
I'm not sure what your intentions are, but they don't look too good from my end..
I have good intensions.I want to run it on my friends pc (he wants to experiment with ports and some software)
-
January 6th, 2006, 12:27 PM
#5
We didn't come in yesterday's mail. There's only one reason for that and it is:
Relyt@play: #nc -1 -(some switch) (some port number) -(some switch) /bin/sh or cmd.exe
Connection refused, try again later.
-
January 6th, 2006, 12:45 PM
#6
Banned
I have found a way how to hide the process
But how to make it run on startup (without puting it in startup folder)?
Where in the registry should i put the path to the app?
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|