NTbindshell
Released 22 years ago. October 2003
Copyright © MegaSecurity
By Christophe Devine
Informations
| Author | Christophe Devine |
| Family | NTbindshell |
| Category | Remote Access |
| Version | NTbindshell |
| Released Date | Oct 2003, 22 years ago. |
| Language | C, Source included |
Additional Information
Server:
size: 24.576 bytes
port: 26103 TCP
startup:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RSMSS
Author Information / Description
/*
* Win32 RootKit - cmd.exe remote shell backdoor
* (c) 2003 Christophe Devine
* Distributed for educational purposes only!
*
* Before running ntbindshell.exe, rename it to
* "rsmss.exe" and copy it into %windir%\system32.
* This program will automatically register itself
* as a system service the first time it is run,
* provided it has the required privileges.
*
* To remove the service, start Regedit and delete
* HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
* Services\RSMSS, then reboot the computer.
*
* Backdoor usage:
*
* normal (listen) mode: rsmss <port>
* reverse-connect mode: rsmss <port> <host>
*/
Christophe DevineIf you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.