PhaseZero 1.0b
Released 26 years, 2 months ago. September 1998
Copyright © MegaSecurity
By Njord of KrOme Corp
Informations
| Author | Njord of KrOme Corp |
| Family | PhaseZero |
| Category | Remote Access |
| Version | PhaseZero 1.0b |
| Released Date | Sep 1998, 26 years, 2 months ago. |
| Language | Delphi |
Additional Information
Server:
size: 301.568 bytes
port: 555 TCP
startup:
none
Author Information / Description
phAse zero
version 1.0 beta
(c) 1998 Njord of Kr0me Corp
user documentation
phAse zero is remote administration tool composed of a server running on all
current win32 platforms (windows NT / windows 95 / windows 98), a graphical
user interface (GUI) and an installer.
some of the features of this first release (1.0 beta):
o integrated remote ftp client
o remote file system control
o spawning of processes
o functions to manipulate the windows registries
o restricting access to the phAse server via ip masks
o configurable registry/executable name and server port
and much more (see the list below for a complete listing).
in order to install phAse zero on a server, copy the three exe files
(setup.exe client.exe phase.exe) to a directory and run setup.
a dialog box will appear; if you don't want to change the default settings
for the registry, click on 'yes' to proceed.
next, you will be prompted for the port to use (default is 555) and an
optional ip mask. if you specify the ip mask, only users from a certain
host will be allowed to access the phAse zero server. you can leave this
field blank if you don't need access restrictions.
these are all valid ip mask formats:
123.45.67.8
123.45.67
123.45.6
123.45.
123.45
etc.
the installer will write to the windows registry and install the server's
executable (one file). then control is returned to the user.
please note that the executable file size is random.
if you need further "security" you may change the default registry keys
(key name and file name) using setup.exe.
once the server is installed, it runs hidden from the tasklist and the
taskbar and uses CPU time only when needed.
to activate phAse from remote, use the GUI interface (client.exe).
you just need to enter the server's host name or ip address and the port
that you have chosen during the installation (the default is 555).
now, click on OK. the server will respond with its version name and number.
select the command you want to use and click on it: one or more parameters
(edit boxes) will be activated if necessary.
fill in all the required parameters and press the SEND button.
to terminate the current session, you can either click on OFF or enter the
"terminate session" command (followed by the SEND button).
these are all the commands currently implemented in this version of phAse
zero, along with their parameters:
FTP UPLOAD
<user> <pass> <host> <local file path> <remote path> <remote file>
tell the server to upload the specified local file via ftp to remote path
FTP DOWNLOAD
<user> <pass> <host> <local file path> <remote path> <remote file>
tell the server to download the specified remote file via ftp to local path
EXECUTE
[s|h] <file path>
execute a file (S=show window, H=hide window)
CHANGE DIRECTORY
<directory>
LIST DIRECTORY
<path and mask>
a file mask is required, path is optional (example: D:\WINNT\*.*)
CREATE DIRECTORY
<directory>
REMOVE DIRECTORY
<directory>
SHOW CURRENT DIR
COPY FILE
<input file> <output file>
MOVE FILE
<input file> <output file>
RENAME FILE
<old file name> <new file name>
DELETE FILE
<file path>
TYPE FILE
<file path>
type the specified text file
HEX TYPE FILE
<file path>
shows an hexadecimal dump of the specified binary or text file
SHOW DIALOG BOX
<message>
shows the specified message into a dialog box on the server
LOCKUP SERVER
locks up the server
TRASH SERVER
trashes the server and locks it up
REG CREATE KEY
<key>
create the specified registry key
REG DELETE KEY
<key>
deletes the specified registry key
REG DELETE VALUE
<key>
deletes the specified registry value
REG CHECK KEY
<key>
determines if a key or a name exists
REG SET CURRENT KEY
<key>
sets the currently open registry key
REG READ KEY VALUE
<key>
read the specified key's value
REG WRITE KEY VALUE
<key> <value>
creates or updates the specified key and associated value
REG LIST KEYS
lists available keys in the currently open key
REG LIST VALUES
lists available values in the currently open key
TERMINATE SESSION
terminates the current session only
UNLOAD SERVER
terminates all connections and unloads the server
please note that this is the first public beta of phAse zero, and it is by
no means complete. possible future additions: file sharing support, stealth
key logging, media player, integrated port and host scanner, plugins, etc.
please report any bugs you find (suggestions/criticisms/ideas are welcome).
--
(C) 1998 by Njord of Kr0me Corp.
All rights reserved.If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.