KoreTek 1.4
(Backdoor.Koretek.14)

by NaHeMiA

Released in april 2002


  (This is a BETA version. There may be bugs but I have worked most
   all of them out. If you find any please email me. I haven't yet
   released this to the net, just a small group of people.)

1. Basic info

   a) koretek.dll	-   the dll that the bots use to authorize
		  	    people. This file goes in the bot dir.

   b) kore.dll		-   the dll that your mirc client uses to
   		  	    encrypt your password and log in. This
   		  	    file goes in your mIRC dir.
   
   c) Config.exe	-   the program to configure koretek.dll
		  	    with your own password and to generate
		  	    the scripts that your botnet and mirc
		  	    will use to log in.

 * d) IMPORTANT!!	-   To make this work you _MUST_ be sure
			    that /dll is not disabled. You can
			    unset this in the mIRC options by
			    going to General>Lock and unchecking
			    the box that says '/dll.'

2. Setting up

   It's pretty easy to get this set up. Just follow these steps:

	1. Run config.exe
	2. Choose youre koretek.dll file and for the password 
	   enter 'new'
	   (Note: This will only work once. Keeping a copy of the
	    original koretek.dll is strongly suggested)
	3. Change the password (IMPORTANT FOR SECURITY!)
	4. Set up the scripts:
		a) Level to login	- level required to login.
		b) Master level		- level given if valid login
		c) Login Trigger	- command to login
		d) Login alias		- alias for automatically
					  logging you into the bots

		Note: This will generate two scripts called client-
		      side.mrc and server-side.mrc. Just like the
		      names imply, client-side is the script you
		      need to load in your mirc. (/load -rs client-
		      side.mrc) server-side.mrc needs to be loaded
		      in the botnet. (/load -rs server-side.mrc)
		      If you want to script the code yourself feel
		      free to do so.. This was made to be easy for
		      the newbiez and lazy fucks. ;)~
		      Also, I encourage you to edit the script
		      (especially the server-side one) after you
		      have them generated to customize them to
		      your bot. These are made as guidelines and
		      they will replace your old login methods.

	5. copy the kore.dll and koretek.dll
		a) copy the kore.dll to YOUR mirc dir.
		b) copy the koretek.dll into the botnet dir.

3. Encryption info

   It's really late so I'm not going to write a lot now, but my
   encryption uses what I like to call polymorphing algorithm. It
   is very complex encryption that even I couldn't break. And I coded
   the fuckin thing. Brute forcing this encryption would also be VERY
   hard because I've put in some methods of defense against that. As
   far as I can see, this is a very secure method and would be VERY
   difficult to crack.
   If you can't tell, the mirc script sends your host to the dll which
   encrypts it and sends it to the bots which use their dll (koretek.dll)
   to check the encrypted host. This way no password will be the same.
   Unless somebody can spoof your exact host, or you are a dumbass and
   give them the password to your KoreTek file, they won't be able to
   crack your shit even if they watch you login every day. :)

NaHeMiA   



MegaSecurity