Insane (c)
(Backdoor.Insane.c)

by Suid Flow

Written in Visual C++

more versions


 
          added onto the XTCP trojan by ShadowPenguin Systems Inc
          More improvements to come!!!
          check out our site at www.BlackCode.com

                  (1) ls
                  Shows files in the specified folder.
                  The output is displayed in the following order: attribute filename size date.
                  The attributes are
                  a: Archive
                  d: Directory
                  h: Hidden file
                  r: ReadOnly file
                  s: System file.

                  However, unlike usual ls, you have to include the * in the path

                  Example:
                  ls c:\*.*  <Display all files in c:\>:
                  ls c:\windows\*.ini <Display all .ini files in c:\windows>

                  (2) cat
                  Views the contents of a text file.
                  Example: cat c:\Setuplog.old

                  (3) cp
                  Copys a file
                  Example: cp c:\Setuplog.old c:\windows\aaa

                  (4) rm
                  Deletes a file.

                  (5) ren
                  Renames a file

                  (6) exec
                  Runs a program, paramaters are allowed.
                  Please note that if running a Windows GUI application, that application window
                  will be opened "suddenly" on the target PC.

                  (7) mktext
                  Creates a text file.
                  Example:
                  [r00t]#mktext c:\test.txt
                  aaa bbb
                  ccc
                  ^D          ctrl+D = ends input
                  [r00t]#

                  (8) popup
                  Popup a message dialog on the target Windows
                  Example: popup Hello. I've hacked your PC. Sorry.

                  (9) shutdown
                  Shutdown the target PC.

                  (10) reboot
                  reboot the target PC.

                  (11) passwd [-s][-t][-d]
                  PPP password logging. If no PPP connection is made after the installation is
                  server, no log file will exist.

                  Parameter:
                  -s: begins logging
                  -t: ends logging
                  -d: deletes log file
                  default (with no parameter): displays log file

                  (12) telnet
                  Same as telnet.

               
                  (13) regrun [-c][-d][-l]
                  Sets autorun option, adds value in the key
                  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

                  Example:
                  <1> regrun -c trojan c:\windows\trojan.exe
                  trojan.exe will be exucuted when Windows is booted.

                  <2> regrun -l
                  List all autorun programs

                  <3> regrun -d trojan
                  Remove trojan from autorun

                  (14) Logout
                  Just as the name says

     		  (15) cad [-e][-d]
			cad -e: enable control-alt-delete
			cad -d: disable control-alt-delete

                 (16)snow          
		 (17)reverse
		 (18)bomb
		 (19)melt
                 (20) task[-e][-d]
			task -e: enable taskbar
			task -d: disable taskbar
                 (21)crack     Decrypts the file-sharing passwords
           If it doesn't return any info,they don't have sharing enabled.. :)

~Suid Flow


Server:
size: 121 KB

port: 2000 TCP

startup:
none

MegaSecurity