BackDoor Injector 2.0

Released 17 years, 9 months ago. February 2007

Copyright © MegaSecurity

By EvilCoder


Information
From: Russia
Author: EvilCoder
Family: BackDoor Injector
Category: Remote Access
Version: BackDoor Injector 2.0
Released Date: Feb 2007, 17 years, 9 months ago.
Additional Information
Tested on Windows XP
February 10, 2007

Author Information / Description
Backdoor Injector V2.0 is a shell for introducing "modules" into a specified program (EXE file), written entirely in assembler. The shell injects a module into the address space of a file on disk (i.e. it works similarly to an infector). The shell ensures that the module gains control by means of a special loader, while taking care of the error-free execution of the carrier program. The module's loader in the victim gains control first, creates a thread with its entry point at the module's code, and then returns to executing the carrier program itself. The loader also implements a shielding mechanism and a mechanism for encrypting/decrypting the module.

The second version of the shell differs considerably from the previous one: first of all, in the new version the module is embedded not in the header of the EXE file but as an additional section. This need arose primarily because of the increase in the size of the new modules.

A module (a *.m0d file) is an ordinary BIN file with code written in shellcode style. Its contents are easily examined in any hex editor; the *.m0d file is not encoded. An SDK for creating modules so far exists only as an idea in the author's head. If there are people who want to write new modules, there will be an SDK.

The following modules are available in the archive:
+ bind_.shell.m0d - Binds cmd.exe to the port specified in the settings.
+ reverse_.shell.m0d - Connects to the IP address and port specified in the settings, redirecting cmd.exe.
+ inject_.bind_.shell.m0d (NEW) - embeds itself in any active process specified in the settings, then works as a bind shell.
+ inject_.reverse_.shell.m0d (NEW) - no comment.
+ stealth.m0d (NEW) - makes the carrier program invisible in the system: in Explorer; in the list;
(translated by systran)
