|
Hacks & Cracks |
ICQNetBusTCP/IPProtection
|
Welcome to my little Hack & crack section.Several people have made comments about that I don't share any knowledge on this page so I have changed my mind a little bit now. However I don't think I'm going to explain everything in detail, some fun you gotta keep for yourself. If you have something you wanna share...please do it. ((Sorry for not having any cracks, don't know if I dare to tell'em here.)) |
| Top of page | ICQAs you might know there are several ways to
'have fun'.
|
| Top of page | NetBus v 1.53Yeah, what the heck u prolly know all about it anyway by now. NetBus is NOT a virus nor a Trojan because it doesn't copy it self or start on a specific trigger or event. It's simply a remote control software just like pcANYWHERE. (Note. to use pcANYWHERE you need a license)
|
| Patch.exe KeyHook.dll |
461 kB (472 576) 53.5 kB (54 784) |
NetBus server the dll |
NetBus is a fun and enjoyable application
written by a nice guy who I can't mention the name off because a new Swedish law PUL. A
stupid law by the way. The purpose with NetBus is NOT to destroy anything or to 'steal'
information. Because NetBus shows everything it does, and it can also leave a trace after
the intruder in a .txt file on the victims computer if he takes a screendump from you.
LP.TXT. The log file you can find in the same directory as NetBus and it contains the
intruders IP address and the TCP port used for transmitting the data.
Well, I have not tested it myself yet but what I can understand from some reading there is a few changes.
In 1.7 it's possible to change the port so you can't be sure to find it on 12345 anymore. However if you from the console type the command 'netstat' you can se all your current connections, but this might not help you if you don't know how to use that information.
| Top of page | -How do I know if I got it?1. You can test to connect with Telnet, IP
127.0.0.1 port 12345. If Telnet succeeds it answers with "NetBus v. 1.53" or
another version number. HKEY_LOKAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\ Check this location to se if your computer is 'infected'.
|
| Top of page | -How do I get rid off it?Put $10 on my PG 901950-6 and I tell you
*smile* It's not for sure that the file name is sysedit. Who knows, someone might have renamed the file. You can also look in the task manager and se if you find it there. If you shut sysedit down from the task manager it will be activated the next time you boot your computer. You may not see it in the Task manager because of the /nomsg. If you have any questions or doesn't understand you can mail me or visit a NetBus homepage. Last about NetBus, if you think this
application is cruel I can tell you there's an application 10 times worse this one... Happy NetBus'ing! |
| Top of page | TCP/IPSome brief information about TCP/IP or actually about TCP. Under Construction |
| Top of page | ProtectionI would recommend two applications to protect you with. 1. Netbuster Both appl. runs on 95/98/NT NetBusterNetbuster is written by a Swede as well and listen on that port where NetBus would be. Netbuster simulates to be an NetBus server so if anyone tries to connect to you they belive you have netbus. Now the fun part starts, you can send messages back to their client. 500 mess in new windows, thats alot off windows to close. The application also logg the IP address from the intruder. You can find Netbuster on http://surf.to/netbuster. NukeNabberNukeNabber listens on some predefinded ports and loggs every atempt made, it also will warn you with a popup box and some sound. You can configure it to close that port after a connection and thereby stop any nuke, flood or DOS attack. It supports alot of protocol and is one of the best tools, you can find it on http://www.dynamsol.com/puppet/ You can add more ports to be monitored but that will recuire som knowledge, it will work fine on standard settings to.
|