Full Version: [windows] Tiny V3.0
White Scorpion
hi all,

Tiny v3.0 has just been released. it is easy to use and better hidden than the previous versions...

the zip-file contains:

tiny.exe
userinit.dll
sources
README.TXT

the program is explained in more detail in the README.TXT

have fun with it and don't do anything stupid, i have written it for educational purposes only!


you can get it here.

thanks to x^r for helping me out with the injection part
thesource
I've downloaded it but how come ya can't connect with telnet?
Titus
QUOTE(thesource @ Apr 3 2005, 01:20 AM)
I've downloaded it but how come ya can't connect with telnet?
*


read readme.txt, it's so easy. btw great job WS. thx for sc too ^^
exobot
Cool, nice - not detected by Norton yet, wonder how long it will take.

An idea for future versions could be a reverse connect feature, to get around those pesky people who insist on using routers.

I haven't actually tested it yet so excuse me if this has been answered already; does it start automatically with windows, etc - does it install itself as a service?
White Scorpion
QUOTE
Cool, nice - not detected by Norton yet, wonder how long it will take.

An idea for future versions could be a reverse connect feature, to get around those pesky people who insist on using routers.

I haven't actually tested it yet so excuse me if this has been answered already; does it start automatically with windows, etc - does it install itself as a service?

not long i think since they are watching this site... but hey, packers are always an option...

i'm thinking about reverse connections, but i'm not sure yet how to retrieve the IP from someone who is connecting to a specific port....

it changes HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ --> Shell
to make it start automatically. this way, whenever explorer crashes tiny will restart as well...
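
A defender-side check for the persistence described in the post above, as an added example that is not part of the original thread or the tool's source: it parses `reg query` output for the Winlogon key and reports any Shell entry other than the stock explorer.exe. The sample outputs, the C:\Windows install path and the example-added.exe name are constructed assumptions.

```python
import re

# Stock value of Winlogon\Shell. Assumption: Windows lives in C:\Windows,
# so the full path to explorer.exe there is accepted as well.
ALLOWED = {"explorer.exe", r"c:\windows\explorer.exe"}

# A value line in `reg query` output: indent, name, type, optional data.
VALUE_LINE = re.compile(r"^\s+(?P<name>\S+)\s+(?P<type>REG_\w+)\s*(?P<data>.*)$")

# Constructed samples of the output of:
#   reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Shell
CLEAN_SAMPLE = r"""
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
    Shell    REG_SZ    explorer.exe
"""

# example-added.exe is a placeholder, not the value the tool actually writes.
MODIFIED_SAMPLE = r"""
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
    Shell    REG_SZ    Explorer.exe, C:\WINDOWS\system32\example-added.exe
"""


def unexpected_shell_entries(reg_output):
    """Return the Shell entries that differ from the stock explorer.exe."""
    values = {}
    for line in reg_output.splitlines():
        m = VALUE_LINE.match(line)
        if m:
            values[m.group("name").lower()] = m.group("data").strip()
    if "shell" not in values:
        return ["<Shell value missing>"]
    # The value may hold several comma-separated entries; check each one.
    entries = [e.strip().strip('"') for e in values["shell"].split(",")]
    entries = [e for e in entries if e]
    if not entries:
        return ["<Shell value empty>"]
    # Comparison is case-insensitive, as Windows paths are.
    return [e for e in entries if e.lower() not in ALLOWED]


if __name__ == "__main__":
    for label, sample in (("clean", CLEAN_SAMPLE), ("modified", MODIFIED_SAMPLE)):
        findings = unexpected_shell_entries(sample)
        print(label, "->", findings if findings else "Shell matches baseline")
```
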

r00t
HI White Scorpion

Thank you very much for your tools. I was on your HP and found also other useful apps.

Will try to change the port etc on the backdoor. I hope i find the clue.

So thanks.

But don't i need an ASM compiler or so for the includes ????

to make the bat file etc ??
White Scorpion
I've been told that there's a bug in the tiny 3.0, it won't start explorer.exe after a reboot, so you will have to uninstall it BEFORE Windows is restarted. As soon as i have released v3.1 this problem will be solved...
<edit>V3.1 is released now, the problem is solved. i've tested it with several machines while rebooting about 20 times per system and every time tiny will start along with the rest of Windows...</edit>

nebo > you do need the masm assembler indeed, you can download it FOC from here.
after installing masm32 you can run the make.bat file to assemble the new program.
thesource
So you just didn't want to add the feature to connect through telnet? Cause I can connect to other backdoors (ex. wolf) that have passwords.
White Scorpion
QUOTE
So you just didn't want to add the feature to connect through telnet? Cause I can connect to other backdoors (ex. wolf) that have passwords.
Well it's very simple, Telnet sends directly every character you type while nc waits until you've pressed enter.
All i had to do to accept telnet sessions is to read everything into one buffer and then compare the complete buffer to the password... you can implement it yourself if you like, but i think it is better for safety not to use telnet...
GekAapie
when i unpack the files i get a message from norton: fixed tiny.exe or something and then the file is gone...

anyone know what happened????
Necrocide
QUOTE(GekAapie @ Jun 22 2005, 09:52 PM)
when i unpack the files i get a message from norton: fixed tiny.exe or something and then the file is gone...

anyone know what happened????
*




....maybe because your anti-virus detects it as a virus/trojan/backdoor/whatever?

GhostShell
QUOTE(Necrocide @ Jun 22 2005, 08:55 PM)
QUOTE(GekAapie @ Jun 22 2005, 09:52 PM)
when i unpack the files i get a message from norton: fixed tiny.exe or something and then the file is gone...

anyone know what happened????
*




....maybe because your anti-virus detects it as a virus/trojan/backdoor/whatever?
*


yeah most likely that's what happened bcuz norton likes to do things without asking...look in the quarantine folder, that should tell you. by the way get rid of norton dude it sucks
setthesun
Thank you for source, I was looking for good ASM practices.
saetji
Nice one mate. Outta curiosity, are there any tuts out there for dll injections?
spook
QUOTE(saetji @ Jun 23 2005, 12:14 PM)
Nice one mate. Outta curiosity, are there any tuts out there for dll injections?
*



http://www.thecodeproject.com/dll/DLL_Injection_tutorial.asp

http://www.anticracking.sk/EliCZ/export.htm

http://www.phrack.org/show.php?p=62&a=13

http://www.rohitab.com/discuss/static/topic-3-9-11998-0.html

http://www.megasecurity.org/Programming.html

http://users.ece.gatech.edu/~owen/Academic...20injecting.doc

I just took a quick look at them.. So don't blame me if they aren't all dll injection

Enjoy reading them though, it's quite interesting

dw-chow
the link is dead, and i can't find it on your main page of the downloads section.
White Scorpion
I just updated my site, the old one still can be found : http://www.white-scorpion.nl/old/
you can find the latest version of tiny there....

netxman
QUOTE(White Scorpion)




Still no reverse connection ?
White Scorpion
Still no time to do something with it.
But if you feel like adding it then go ahead
I think i won't be just creating a reverse connection but a portknocking feature when i have the time, since that isn't that far away from a reverse connection from that point.


netxman
QUOTE(White Scorpion @ Jul 3 2005, 05:34 PM)
Still no time to do something with it.
But if you feel like adding it then go ahead
I think i won't be just creating a reverse connection but a portknocking feature when i have the time, since that isn't that far away from a reverse connection from that point.
*




I will do that if I can, actually I know nothing about programming.

But I still think RC is the better way of nowadays backdoor.

Let's look forward to your portknocking feature.~
belgther
without modifying, even the latest version is detectable by DrWeb.