by BlackCobra
Released in May 2007
Written in Visual Basic
This application is based on the fwb injection technique completely coded in vb. No c/c++/Delphi dlls or other is used for injection. Purely in vb. As the name suggests open a port on the victim computer and you can telnet to the target port and you will have the cmd shell. The application is not using any of the vb form. EditServer =========== Only 2 options for the moment. 1. port, to be opened on vic 2. registry name The application drops a dll file in the system32 dir and an exe file. The application auto starts on every boot. Server: dropped files: c:\WINDOWS\system32\server.dll Size: 28,692 bytes c:\WINDOWS\system32\yahoomessenger.exe Size: 50,705 bytes startup: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Windows Updates" data: C:\WINDOWS\yahoomessenger.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Windows Updates" data: C:\WINDOWS\System32yahoomessenger.exe Tested on Windows XP July 08, 2007MegaSecurity