Bifrost 1.2

Released 18 years ago. December 2006

Copyright © MegaSecurity

By ksv


Information
Author: ksv
Family: Bifrost
Category: Remote Access
Version: Bifrost 1.2
Release Date: Dec 2006, 18 years ago.
Additional Information
Server:
dropped file:
c:\Program Files\Bifrost\server.exe
size: 27,517 bytes 

startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9B71D88C-C598-4935-C5D1-43AA4DB90836} "stubpath"
data: C:\Program Files\Bifrost\server.exe s

tested on Windows XP
December 05, 2006

Author Information / Description
v1.2
General/Mainwindow:
* Server rewritten to 90%, now being better at bypassing firewalls.
* Registry Editor added.
* Data compression added for most transfers between server and client.
* Kernel level process hiding added (DKOM method, hiding the process where bifrost is injected, unless injected to a specific process).
* Improved ping system. Ping system also modified to send pings less often when connected via TOR, as the minimum packet size then is 500kb.
* Remote user idle time added (time away from keyboard).
* Assigned name and download folder always combined with a unique id (harddisk volume nr) to ensure each user gets a unique name.
* Possible to make notes about each user.
* Bypasses windows hardware data execution protection, DEP.
* Checking of passwords for incoming connections is now optional.
* Uploading of plugin more stable.
* Server can now be injected to svchost.exe.
* "Persistant server" option added.
* Minimize to tray added.
* "Open Download Folder" added to context menu in main window.
* Added flags indicating country next to each connection. Method used to determine country can be selected from settings menu.
* Works on restricted accounts:
+ If the user isn't logged as admin, the server will be created in Application Data folder.
+ If it fails to write activex or HKLM to the registry, it will automatically write to HKCU as the user is logged in on a restricted account.

Builder/Settings:
* New builder with much more help text.
* Up to 20 dns's allowed.
* Connection from server to client via up to 20 socks4 proxies.
* TOR plugin (by Andvare) added. Allows the remote user to connect to you via TOR network.
* Possibility to choose mutex name.
* Option to use kernel level unhooking.
* Older file date and attribute hidden can now be selected for the server.
* Option to delay server start first time it is run by a selected number of days, hours and minutes.
* Server file and subdirectory can get file mode "invisible", "system" and get an older file time set.
* Server is always installed to a new subdirectory in either "program files", "windows" or "system32".
* Option to run the server in a fully visible mode (for remote support).
* Possible to make the server sleep (not making any connections at all) by pointing it to 255.255.255.*. Thanks to s13az3 for this idea.

Filemanager:
* Last changed file date added in filemanager.
* Network shares added to filemanager.
* Option to exclude "temporary internet files" from file search.
* Recursive deleting of directories added.
* Recursive download added.
* Added option to resume downloads.
* Added option "Yes to all" and "No to all" when being asked if to overwrite when downloading.
* Filemanager has direct links to desktop, my documents and recent files.
* Added "set desktop wallpaper" to filemanager.
* Possible to manually enter a path in the filemanager
Bugfixes:
- Bug when selecting a drive in the filemanager with no permission, fixed.
- Downloading of file with zero size no longer hangs.
- Error handling improved for file uploading.
- Bug when running a file from the filesearch list fixed
- Long filenames can now be used in file search

Keylogger:
* Keylogger moved from plugin to server, so plugin is no longer needed for offline.
* Size of the log chopped to half size when reaching 2 mb to avoid too big logs.
* Option to exclude shift, Ctrl and backspace added to the keylogger.
* Possible to save offline keylog to file.
Bugfixes:
- Bug in keylogger that messes up the use of dead keys (like ^) fixed.
- Bug that causes online keylogger to sometimes lose chars fixed.

Screencaps:
* Screen cap option of 16 and 1 bit images added, to give the option of faster caps.
* Size of image displayed in the screen cap window.
* Added option to get full size screen cap and then navigate with scroll bars.
Bugfixes:
- Bug that caused client to crash when closing and reopening screen cap while receiving fixed.
- Screencap crash when using no plugin and big caps fixed.
- Memory leak when taking jpg caps fixed.

Webcam:
* Better handling of webcam when more than one driver.

System Manager:
* More info sent to "System Manager". System info is also automatically refreshed when opened.
* Process where injected is marked in red in process list.
* Info if user logged in as admin added to the system manager.

Password grabber:
* Firefox added to password scanner.
* Msn added to the password grabber.
* More cd-keys added to the pw-stealer.
Bugfixes:
- Buffer overflow errors in the password grabber in the plugin, which could cause server crash are now fixed.
