by ksv
Released in December 2006
v1.2 General/Mainwindow: * Server rewritten to 90%, now being better at bypassing firewalls. * Registry Editor added. * Datacompression added for most transfers between server and client. * Kernel level process hiding added (DKOM method, hiding the process where bifrost is injected, unless injected to a specific process). * Improved ping system. Pingsystem also modified to send pings less often when connected via TOR, as the minimum packet size then is 500kb. * Remote user idle time added (time away from keyboard). * Assigned name and download folder always combined with an unique id (harddisk volume nr) to ensure each user get an unique name. * Possible to make notes about each user. * Bypasses windows hardware data execution protection, DEP. * Checking of passwords for incoming connections is now optional. * Uploading of plugin more stable. * Server can now be injected to svchost.exe. * "Persistant server" option added. * Minimize to tray added. * "Open Download Folder" added to context menu in main window. * Added flags indicating country next to each connection. Method used to determine country can be selected from settings menu. * Works on restricted accounts: + If the user isn't logged as admin, the server will be created in Application Data folder. + If it fails to write activex or HKLM to the registry, it will automatically write to HKCU as the user is logged in on a restricted account. Builder/Settings: * New builder with much more help text. * Up to 20 dns's allowed. * Connection from server to client via up to 20 socks4 proxies. * TOR plugin (by Andvare) added. Allows the remote user to connect to you via TOR network. * Possibility to choose mutex name. * Option to use kernel level unhooking. * Older file date and attribute hidden can now be selected for the server. * Option to delay server start first time it is run by a selected number of days, hours and mimutes. * Server file and subdirectory can get file mode "invisible", "system" and get an older file time set. * Server is always installed to a new subdirectory in either "program files", "windows" or "system32". * Option to run the server in a fully visible mode (for remote support). * Possible to make the server sleep (not making any connections at all) by pointing it to 255.255.255.*. Thanks to s13az3 for this idea. wink.gif Filemanager: * Last changed file date added in filemanager. * Network shares added to filemanager. * Option to exclude "temporary internet files" from file search. * Recursive deleting of directories added. * Recursive download added. * Added option to resume downloads. * Added option "Yes to all" and "No to all" when being asked if to overwrite when downloading. * Filemanager has direct links to desktop, my documents and recent files. * Added "set desktop wallpaper" to filemanager. * Possible to manually enter a path in the filemanager Bugfixes: - Bug when selecting a drive in the filemanager with no permission, fixed. - Dowloading of file with zero size no longer hangs. - Errorhandling improved for fileuploading. - Bug when running a file from the filesearch list fixed - Long filenames can now be used in file search Keylogger: * Keylogger moved from plugin to server, so plugin is no longer needed for offline. * Size of the log chopped to half size when reaching 2 mb to avoid too big logs. * Option to exclude shift, Ctrl and backspace added to the keylogger. * Possible to save offline keylog to file. Bugfixes: - Bug in keylogger that messes up the use of dead keys (like �^��) fixed. - Bug that causes online keylogger to sometimes lose chars fixed. Screencaps: * Screen cap option of 16 and 1 bit images added, to give the option of faster caps. * Size of image displayed in the sceen cap window. * Added option to get full size screen cap and then navigate with scroll bars. Bugfixes: - Bug that caused client to crash when closing and reopening screen cap while recieving fixed. - Screencap crash when using no plugin and big caps fixed. - Memory leak when taking jpg caps fixed. Webcam: * Better handling of webcam when more than one driver. System Manager: * More info sent to "System Manager". System info is also automatically refreshed when opened. * Process were injected to marked in red in process list. * Info if user logged in as admin added to the system manager. Password grabber: * Firefox added to password scanner. * Msn added to the password grabber. * More cd-keys added to the pw-stealer. Bugfixes: - Buffer overflow errors in the password grabber in the plugin, which could cause server crash are now fixed. Server: dropped file: c:\Program Files\Bifrost\server.exe size: 27,517 bytes startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9B71D88C-C598-4935-C5D1-43AA4DB90836} "stubpath" data: C:\Program Files\Bifrost\server.exe s tested on Windows XP December 05, 2006MegaSecurity