by Zinho
Written in Visual Basic
Released in September 2002
Made in Italy
***********************************************************************
Tourniquet 1.0b2 by Zinho
***********************************************************************
5-09-2002
--[ Introduction
Tourniquet is a trojan horse for Windows 95/98/2000/XP.
This version is a beta version. Nevertheless almost all of the functions works well.
However I need people that could send me suggestions/bugs/criticism.
--[ Program files
Tourniquet, as almost all of the trojan horse it has its own connection port (n. 6666) and two
execution files: client.exe and server.exe.
Client.exe is the interface that let you manage remotely victim's computer.
Firstly you have to connect to the server: you need its ip or hostname only!
Server.exe is completely transparent: it reproduces itself and runs on windows start up.
In the future versions I'll masquerade it from Task manager in order to making it absolutely untraceble!
--[ Client Functions
[+] REMOTE FILES AND DIR MANIPULATION
- Delete
- Move
- Complete files and dirs navigation
- Upload file ***
- Execute files ***
[+] REMOTE SYSTEM INFOS
- Language
- Time and date
- CPU
- RAM
- Win version
- Screen resolution
- Screen refresh rate
- Sceen Bits
[+] OTHER FUNCTIONS
- Mouse cursor move
- Remotely send messages
- Tourniquet Server Scanner
*** = new functions of beta2 version
--[ Scanner capabilities
Tourniquet is provided with a class-c scanner that can search for tourniquet trojan. Thus you can easily scan
a whole provider for tourniquet server!
Zinho
Server:
dropped file:
c:\WINDOWS\SYSTEM\iexplorer.exe
size: 65.536 bytes
port: 6666 TCP
startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "winsys"
MegaSecurity