January 5th, 2006, 12:19 PM
can someone help me make a app that isn't visible in the task manager or the app can't be killed
i need it to start netcat with some options
January 5th, 2006, 01:08 PM
I'm not sure what your intentions are, but they don't look too good from my end... Anyway, here's a snippet from a blog I found:
While that is how to make it difficult to quit, I'm sure that if you contact the authors of one of these keyloggers they might tell you the tricks of the trade.
Programs can try to make themselves more difficult to kill (deny PROCESS_TERMINATE access, deny PROCESS_CREATE_THREAD access so people can't CreateRemoteThread(EndProcess), deny PROCESS_VM_WRITE so people can't scribble into your stack and make you doublefault, deny PROCESS_SUSPEND_RESUME so they can't suspend you), but eventually you just can't stop them from, say, elevating to Debug privilege, debugging your process, and moving EIP to "ExitProcess".
January 5th, 2006, 01:20 PM
For a first post, that was not too subtle huh?
Try looking at the Sony rootkit software?...............you get a free music CD with every copy
Then you have to figure out how to re-engineer it to your requirements.
If you cannot do someone any good: don't do them any harm....
As long as you did this to one of these, the least of my little ones............you did it unto Me.
What profiteth a man if he gains the entire World at the expense of his immortal soul?
January 6th, 2006, 12:07 PM
I have good intensions.I want to run it on my friends pc (he wants to experiment with ports and some software)
I'm not sure what your intentions are, but they don't look too good from my end..
January 6th, 2006, 12:27 PM
We didn't come in yesterday's mail. There's only one reason for that and it is:
Relyt@play: #nc -1 -(some switch) (some port number) -(some switch) /bin/sh or cmd.exe
Connection refused, try again later.
January 6th, 2006, 12:45 PM
I have found a way how to hide the process
But how to make it run on startup (without puting it in startup folder)?
Where in the registry should i put the path to the app?