by Ghirai
Released in November 2001
Made in Visual Basic
CyberSpy v8.0 built 8.2.2 Telnet Release
<<Documentation>>
INTRODUCTION
-CS 1.8 is a Telnet-based trojan; it means that you don't need any client to connect,
you just use your favourite terminal.
TECHINICAL INFO
-it's written in VB6 and uses winsock, so if you get an error running the file, you
can find the runtimes on the site(most of the people have these files)
-the server listens on PORT 200 for a connection, therefore set the remote port in your
terminal to 200.
-it has a total of about 47 commands; to see a list of the commands, type "help", and to see what a
command does, type "help command" (without the quotation marks); it's very simple to use...
-the commands are listed alphabetically, so you can find what you need quicker
-no need to list the commands here, you'll see them when you type help...
-the size of the server should be 53,8KB, you can rename it to anything you want,
just leave a exe extension.
-it supports multiple clients
TIP
-when connecting to someone, first thing you should do is get the passwords, by typing "passwords".
Ghirai
Server:
dropped file:
c:\WINDOWS\SYSTEM\MSGSVR16.EXE.exe
size: 55.156 bytes
port: 200 TCP
startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "Msgrv16"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices "Msgrv16"
c:\windows\system.ini, [boot] "shell"
added:
c:\WINDOWS\winstart.bat
MegaSecurity