U-Boot IIA Beta 0.8 (d)
(Backdoor.Win32.Uboot.d)

by stuka

Written in Visual Basic

Released in February 2004

Made in Germany


The commands are:


"Alert" - Puts the server into active mode, speeding up communication.
"RedAlert" - Even faster.
"Standby" - Back to standby mode.

"Stop" - Stops the server; it will restart with Windows again.

"Run" - Executes the file specified in the next line. An absolute path is required.
"Delete" - Deletes the file specified in the next line.
"Dload" - Downloads the file specified in the next line using OpenURL. This does not require authentication, so you can download from anywhere.
"FTPU" - Uploads the file specified in the next line to the webserver. This must be the one specified when you configured the server.
"FTPD" - Downloads the file specified in the next line, with the name and path given in the second line.

"DirMap" - Maps the drive or directory specified to the designated file.
 Will return subdirectories only, not files, and uploads the file automatically.

"FileMap" - Returns the files and subfolders in the specified directory.
 Be careful not to map a huge disk or network in one go, it may take a long time.

"LogOn" - Starts the keylogger. Will log until the logfile reaches the size specified in the next line, then uploads it.

"LogStop" - Stops the keylogger and uploads the last file.

The script can be uploaded through the editor - don't forget to configure it by FTPCfg -, but then you are only as safe as the website provider: your IP will be in his logs.
To maximize your anonymity, create the script and upload it through FTP or web, using proxies. 
The editor uses C:\ as a temp storage. The Unit ID should be the bare UID, like U-015F.

stuka


Server:
dropped files:
c:\WINDOWS\dump.dmp    size: 155.648 bytes 
c:\WINDOWS\server.exe  size: 155.648 bytes 

startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "server"
data: C:\WINDOWS\server.exe 
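
A host triage check for the artifacts listed above, as an added example that is not part of the original listing. It assumes "155.648 bytes" means 155648 bytes, and it also checks the WOW6432Node registry view, which the page does not mention; the function name `Test-UbootArtifacts` is hypothetical.

```powershell
# Added triage example; file paths, value name and data come from the listing above.
$ExpectedSize = 155648   # assumption: "155.648" uses '.' as a thousands separator
$ExpectedData = 'C:\WINDOWS\server.exe'
$Files   = 'C:\WINDOWS\dump.dmp', 'C:\WINDOWS\server.exe'
$RunKeys = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
           # assumption: 32-bit registry view on 64-bit Windows (page tested XP only)
           'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run'

function Test-UbootArtifacts {
    $findings = @()

    # Dropped files: report presence and whether the size matches the listing.
    foreach ($path in $Files) {
        $item = Get-Item -LiteralPath $path -Force -ErrorAction SilentlyContinue
        if ($item) {
            $sizeMatch = ($item.Length -eq $ExpectedSize)
            $findings += [pscustomobject]@{
                Type   = 'File'
                Path   = $path
                Detail = "size=$($item.Length) sizeMatch=$sizeMatch"
            }
        }
    }

    # Run value "server": the name is generic, so report the data it points to
    # and whether it matches the listed path instead of flagging on name alone.
    foreach ($key in $RunKeys) {
        $props = Get-ItemProperty -LiteralPath $key -ErrorAction SilentlyContinue
        if ($props -and ($props.PSObject.Properties.Name -contains 'server')) {
            $data = ([string]$props.server).Trim('"')
            $pathMatch = ($data -ieq $ExpectedData)
            $findings += [pscustomobject]@{
                Type   = 'RunValue'
                Path   = "$key\server"
                Detail = "data=$data pathMatch=$pathMatch"
            }
        }
    }
    return $findings
}

$result = Test-UbootArtifacts
if ($result) { $result | Format-Table -AutoSize -Wrap } else { 'No listed artifacts found.' }
```

A Run value named "server" with different data, or a file of a different size, is not a match for this listing and needs separate review.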

tested on Windows XP
November 17, 2004

MegaSecurity