I Feel Lucky I Feel Very Lucky

Genie 1.7

Released 17 years, 9 months ago. January 2007

Copyright © MegaSecurity

By prncipia

Informations
Author prncipia
Family Genie
Category Remote Access
Version Genie 1.7
Released Date Jan 2007, 17 years, 9 months ago.
Additional Information 
dropped:
c:\WINDOWS\rainboy.onj                       Size: 1,004,032 bytes 
c:\WINDOWS\system32\MSPSTL32.DLL             Size: 15,360 bytes 
c:\WINDOWS\system32\CatRoot2\tmp.edb         Size: 1,056,768 bytes 
c:\WINDOWS\system32\dllcache\MSPSTL32.DLL    Size: 15,360 bytes 

changed:
c:\WINDOWS\explorer.exe
	
deleted:
c:\WINDOWS\system32\dllcache\explorer.exe

added to registry:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List


tested on Windows XP
February 27, 2007

Author Information / Description 
Genie v1.7  with new security procedurs,Hard to remove from users.
For Windows 2K/XP,build 01/01/2007 (Tested on win2k/xp)
Code by prncipia <
[email protected]
>

Genie is a simple Telnet backdoor program.

Note: Best use with Putty and NetCat.

----------------------------------------------------------------
Instalation > "c:\install.exe" (May takes a few seconds)

Note2: Important. Do not Remove "rainboy.onj" file.
----------------------------------------------------------------

Remove > "c:\ginstall.exe -r" or "c:\ginstall.exe /r"
----------------------------------------------------------------

Now to connect to remote host you have to type Telnet "targets_ip" 1179
then press "CTRL+A" and ENTER to activate the program.
The last step is to ask you the password and by default thes password is "katerina".
That's it.

----------------------------------------------------------------
Genie commands:

Helpme                    Genie commands.
Cdopen/Cdclose            Opens/Close CD port.
Fdownload                 Download files from sites.
Mlock/MUnlock             Lock/Unlock Monitor.
Msg                       Send message to your victim.
Mypass                    Change default password.
Myport                    Change default port.
Pview                     Shows current running process with PID.
Pkill                     Terminate a process.
RLock/RUnlock             Lock/UnLock registry.
Reset                     Reboot windows.
Reload                    Reload genie - new settings.
Sdown                     Shutdown victim computer.
SecOn/SecOff              Start(Default)/Stop Genie Security procedures.
SFile                     Auto start file.
TLock/TUnlock             Lock/UnLock Taskman.
Users                     Logon users on Genie.
Exit                      Close current connection.
Gshutdown                 Shutdown the genie.


prncipia

If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.