Problem With Vanquish

GovernmentSecurity.org > System Security > Windows Systems

LittleHacker

Mar 8 2005, 02:58 AM

Helo guys
this is the situation.
I've bind a shell to a port with netcat (such as nc -d -L -p 8080 -e cmd.exe)
it worked.
then I've installed vanquish rootkit (setup do install)
all my files (nc, keylogger, scaners, ...) are located in %systemroot%\system32\vanquish\
after rootkit is actived all files become hidden.
every thing seems right but
1- I lost the binded shell !
2- I'mnot able to unistall the rootkit (setup do remove) .

what did I done wrong please?
what should I do to be able to have a backdoor on such a rootkited box.
(it was Windows 2000 SP4)

thanks

LittleHacker

Mar 10 2005, 09:49 PM

waw ! 56 views but not even ONE answer !

hmm,
what does it mean ? none has try it before

strohunter

Mar 10 2005, 11:38 PM

write your own rootkit, it's the best way to control things ^^

kaiserftk

Mar 11 2005, 12:40 PM

i dont know a lot about vanquish but does if affect processes when it hides proceses ?

had the same troubles with hackdefender when i started to use it but there is a secition called [root processes] into the ini file where u can list all the process u wanna hide but not modify . Then check into ur vanquish config if u do not have the same .

LittleHacker

Mar 15 2005, 03:45 PM

yes it hides all Process/Registry/File/Folder with the "vanquish" included name
But when it starts ... Lost every thing! even binded shell and I can't connect it.
Setup doesnt work too! "Unable to find ..."
It shouldn't I don' know if process/Port/Files is killed or hide.
What is wrong here.

btw vanquish does not have any .ini file

This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.


Help - Search - Member List - Calendar Full Version: Problem With Vanquish GovernmentSecurity.org > System Security > Windows Systems LittleHacker Mar 8 2005, 02:58 AM Helo guys this is the situation. I've bind a shell to a port with netcat (such as nc -d -L -p 8080 -e cmd.exe) it worked. then I've installed vanquish rootkit (setup do install) all my files (nc, keylogger, scaners, ...) are located in %systemroot%\system32\vanquish\ after rootkit is actived all files become hidden. every thing seems right but 1- I lost the binded shell ! 2- I'mnot able to unistall the rootkit (setup do remove) . what did I done wrong please? what should I do to be able to have a backdoor on such a rootkited box. (it was Windows 2000 SP4) thanks LittleHacker Mar 10 2005, 09:49 PM waw ! 56 views but not even ONE answer ! hmm, what does it mean ? none has try it before strohunter Mar 10 2005, 11:38 PM write your own rootkit, it's the best way to control things ^^ kaiserftk Mar 11 2005, 12:40 PM i dont know a lot about vanquish but does if affect processes when it hides proceses ? had the same troubles with hackdefender when i started to use it but there is a secition called [root processes] into the ini file where u can list all the process u wanna hide but not modify . Then check into ur vanquish config if u do not have the same . LittleHacker Mar 15 2005, 03:45 PM yes it hides all Process/Registry/File/Folder with the "vanquish" included name But when it starts ... Lost every thing! even binded shell and I can't connect it. Setup doesnt work too! "Unable to find ..." It shouldn't I don' know if process/Port/Files is killed or hide. What is wrong here. btw vanquish does not have any .ini file This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.