by Knox_rw
Compressed with UPX
Released in August 2000
Undetected special edition
==========================
A few words:
=================================================================================================
* undetected is NOT a visual basic trojan so u don't need the runtime libraries to run
(I must say that I HATE visual basic)
* if u don't like this trojan then delete it
* it is not an easy thing to write a small trojan (i say this words to all the lamerz out there)
* don't e-mail me to ask stupid questions
* this is not a lamer trojan so that's why i don't make a button for every feature i add
* the lamer functions are in the fun pak.You must upload the fun.dll in victim's win dir
to use them.
* a plugin example is included;use it to make your own functions (see \Work dir)
New features
=================================================================================================
* added a new method of infection
* added victim name option in the editserver
* added the posibility to kill the keylogger until restart (use it when u want to download the
log file)
* added the posibility to set the buffer size when u download or upload a file (usefull
for slower connections)
* added the posibility to set the delay between buffers when u download or upload a file
(also usefull for slower connections)
* now the editserver is in the client (just press the "E" button in the client)
* I made some changes in the command window :
- to add a command press the "A" button in the command window
- to remove a command press the "R" button in the command window
- to edit a command press the "E" button in the command window
* fixed some bugs in the client and in the server
Undetected features:
=================================================================================================
!WARNING! The commands are NOT case sensitive.
You can now use the new command window from the client.
Don't forget to edit the command first.
* you can protect your server with a password,you can choose the port and stuff like that.
you can also bind the server with another file(like a sfx archive,a photo,etc ...).
to do it just run the editserver.exe and have phun.(note:the informations you type
will be encrypted)
* run file
* upload file
* download file
* keylogger
* run file after upload
* send message // WARNING:this will stop the server until
the victim pushes the OK button
* get cached passwords
* make directory // command: md;dirname
* erase directory - it has to be empty // command: rd;dirname
* delete file // command: del;filename
* copy file // command: copy;path1;path2
* get file length // command: len;filename
* list files // command: dir;path
* add to registry // command: addreg;regpath;description_key;what
* delete from registry // command: delreg;regpath;description_key
* send to URL // use run command
* play sound&video // use run command
* show image // use run command
* reboot computer // command: reboot
* get windows directory // command: wdir
* close server // command: kill
* remove server // command: remove
* names&handles of opened windows // command: list
* kill a specified window - by it's handle // command: k;handle
* execute a plugin function - a really cool feature
command: EXEC;[plugin_name];[function_name];[longint_value];[string_value]
look at the plugin example in the pak,make your own and send it to me.
i'll put it on the page if it is good.
regpath example(for addreg and delreg func)="Software\Microsoft\Windows\CurrentVersion\Run"
dir example=DIR;c: - this function can fuck up the server if not well used !
=================================================================================================
Last words:
=================================================================================================
* When u type a command follow the instructions or u'll fuck up the server !!!
* The functions from the fun pak are not listed here.Just use the client.
@copyleft KnoX_rw - the dark side
http://home.cyberarmy.com/undetected
[email protected]
August 2000
Server:
dropped file:
c:\WINDOWS\winloader.exe
size: 20.480 bytes
port: 777 TCP
tested on Windows 98
November 26, 2004
MegaSecurity