by Mobman
Written in Delphi
Released in March 1999
Made in Rumania
[ S u b S e v e n (c) 1 9 9 9 v e r s i o n 1 . 1 b y m o b m a n ] ...and again, for B.U.G. Mafia! [ d e s c r i p t i o n ] SubSeven can be used as a remote administrating tool or as a hacking tool. it consists of two files: server.exe and SubSeven.exe. to use it, run server.exe on the victim's computer, find his/her ip number then run SubSeven from your computer. that's about it, after that you can _really_ have some fun with the victim. [ h o w i t w o r k s ] well, it's pretty easy. the first time you run server.exe on a computer, the program installs itself into the memory, and starts every time windows is restarted. SubSeven.exe is the main program you use to connect to the server. [ c o m m a n d l i n e p a r a m e t e r s ] + you can run the server with the following command line parameters: /PASS:password where password is the password required to connect /PORT:xxxx where xxxx is the port number + example "server.exe /pass:fuckoff /port:1777" will install the server on port 1777 using the password "fuckoff" [ f e a t u r e s ] + send messages or questions to the victim's computer with the specified message or question. you'll be noticed of the victim's answer + open the default browser at the specified address + hide or show the Start button + take a screen shot of the victim's desktop. the image will be shown and saved as desktop.jpg + disable keyboard + chat with the victim. a small ICQ-like chat window will appear on both computers. the difference is that on the victim's computer, the chat window will _always_ stay on top. while chatting, you can do a few things like: hide the victim's typing space [meaning, the small window where the victim types will dissappear] start/stop his/her PC Speaker. the victim will _not_ be able to close the chat, so if you don't close it it'll be stuck there the whole time :) + start/stop the victim's PC Speaker. [i thought it'll be nice to tell the victims about the good-old PC Speaker] + restart windows. don't abuse it though. + open/close the CD-ROM + set the length of the victim's mouse trails. [you know, that annoying trail you can set windows to add to your mouse pointer] + set a password for the server. [that's if you don't want other people with SubSeven using that server] + get all the active windows on the victim's computer. after that you can: - close a specified window - enable/disable a specified window [the victim will or will not be able to interact with it] - disable the close button on a specified window + get a list of all the available drives on the victim's computer + turn monitor on/off. this only works on the monitors that _can_ be turned off programatically + show/hide the taskbar. + get more information about the victim's computer. like: windows version, user name, company name, screen resolution, etc. + change the server name. the server will save itself with the specified name + listen for all the pressed keys. you'll see all the keys pressed by the victim. useful to get passwords. + record. yep, exactly what it says. you specify the number of secounds to record for, and the server will send you the recorded file when it's finished. the file will be saved as soundfile.wav [note: this only works for victims who have a microphone installed] + file manager. you can easily see all the files and folders on the victim's computer. when you double click on a diretory, the server will change to that directory. when you select a file, you can: - get the file's size - download it - set it as wallpaper [only if it's a JPG or BMP file] - delete it - play it on the victim's computer [only if it's a WAV file] - execute it [the program assigned to open that file will obe launched on the victim's computer] + reverse/restore mouse buttons. this is awsome when you play some kind of multiplayer game with the victim] + set the online notification on/off. by using an e-mail server, you can enable the server to send you a message on ICQ [to the specified UIN] every time the victim connects to the internet. [you'll receive the victim's ip number in the message, so this is useful if the victim is connected with a modem and he/she changes ip numbers every time he/she connects] the harder part is finding an e-mail server you can use to send those messages. you can use the default server or userid. if that doesn't work, try searching the victim's hard drive for eudora. if you're lucky and you find it, download eudora.ini and view it. look for something like: "smpt server" and use that server. if you do that, don't put anything for User ID. + close the server on the victim's computer. [note: the server will start again next time the victim starts windows] + remove the server from the victim's computer. this completely removes the server from the memory + change the port used. you can do it in 2 ways: run "server.exe /port:xxxx" or, connect to the server with Sub7 and click "change port" + IP motherfukin' scanner! it ONLY scans for Sub7 servers, and that's why you _don't_ need a port (it has its own method of recognizing the server). if you find an infected IP, that doesn't mean you can connect. you still need the port [if other than 1243] and the password [if set] + get passwords. you'll receive a list with all the passwords recorded on the victim's computer since startup. + offline key logger. "get offline keys" retrieves a list of all the keys pressed since the windows startup. hope you have fun with it, cya` mobman [ c o n t a c t ] www : come.to/subseven [or, if that's down] members.xoom.com/subseven email: [email protected] icq : 14438136 last updated: 7 March 99 @ 3:47pm [ v e r s i o n h i s t o r y ] Feb.28 released to the public + once installed on a computer, the server popped up the "connect" dialog every time it was started and the computer was offline. that's fixed now. + added a REMOVE button. the server can now be removed from the victim's computer. a lot of ppl asked for this feature. + took out the fake error message. so now when the server is executed, the victim won't see anything. + fixed the chat window bug. a lot of ppl tried to open the chat window when they were connected to the same computer and got stuck with it on the screen. March 7 released v.1.1 + READ "CHANGES.TXT" ! mobman Server: c:\WINDOWS\SysTrayIcon.exe size: 251.904 bytes port: 1243 TCP startup: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "SystemTrayIcon" added: c:\WINDOWS\SYSTEM\lmdrki_33.dllMegaSecurity