yeah ok, but it is pretty easy to pack it making it undetectable.

also i'm writing another one which still is undetected, and for this one i'm planning on keeping it like that

illwill > i still don't get the point

Its really scary to see how fast the AV's have had your backdoor added.
Even Symantec has added it.
Was it posted anywhere else aswell?
I'm almost sure noone used your tool remotely on other people computers (well just for testing it maybe).



//greetings to our AV guys .. monitoring for a new version? happy waiting

didnt you say earlier in the thread u had a problem with getting the directory or something for the service thing...
some av companies follow the board here to get new dat files.. and theres other who submit them to av companies cuz theyre asshats.. then theres ther who send the file for online checking that sometimes gets put into new dats

i'm not sure i said that illwill ;-)

as for posting, i posted it here and on forums.binrev.com

for the rest it is just at my site but nothing else...

i think people from AV are wondering on these forums as well (perhaps even on my site since recently)....

i will give it a test. i will upload a backdoor only on my site and we'll see how long it takes before it gets recognized. this post is the only other link to the outside world

found by DrWeb...
and marked as Backdoor.Wscorp...

yeah thats the backdoor on my site in backdoor.zip, that's the one we are talking about.


try this one:

http://www.white-scorpion.nl/achter.zip


this is the only place on the internet that has a link to this file. it is the same as the one above but partly encrypted and i swapped some commands...

this one is still undetected, but i wonder for how long....

Good way of checking which AVs monitor this webboard

looks like the link is broken... it gave me that message...

you're right, use this link instead:
http://www.white-scorpion.nl/testjunk/achter.zip

i cleaned up a little on my site