Description: 远程反弹木马软件 主要功能:1、远程文件访问。包括文件上传、下载、文件。(夹)更名、文件删除、文件运行、文件查找、远程创建文件夹、远程清空文件夹等。 2、远程关机、启动、注销、修改组织名、用户名。 3、远程键盘记录、鼠标控制、锁定键盘鼠标、模拟特别键功能。 4、远程注册表模拟器、快速注册表修改。 5、远程消息发送、远程进程控制。 6、远程查看剪贴板、当前活动窗体名、隐藏桌面图标、隐藏任务栏、隐藏开始按钮等。 7、远程系统命令、远程DOS命令。 8、远程屏幕抓图(可保存为图片)。 9、服务端自定义配置。可自行定义IP地址、连接端口、连接密码。 您可以根据自己的需要对该程序进行任意改 * 注意:严禁用本软件进行非法使用,否则后果自行负责,作者概不对使用此软件造成的一切后果负责!!! -Remote rebound Trojan software major functions : 1, remote file access. Including file upload and download documents. (SCH) renamed, deleted files, documents operation, document search, remote folder creation, distance to empty the folder, and so on. 2, remote shutdown, the launch, cancellation, change organizations, user name. 3, remote keyboard records, mouse control, lock keyboard and mouse to simulate the special function keys. 4, remote registry simulator, rapid changes registry. 5, remote messaging, remote process control. 6, remote View clipboard, current activities Form, and hide desktop icons, hide task bar, Start button, and other hidden. 7, remote system commands, remote DOS command. 8, remote screen From Wikipedia (saved as pictures). 9, since the definition of the server confi Platform: |
Size: 606331 |
Author:林封 |
Hits:
Description: 远程反弹木马软件 主要功能:1、远程文件访问。包括文件上传、下载、文件。(夹)更名、文件删除、文件运行、文件查找、远程创建文件夹、远程清空文件夹等。 2、远程关机、启动、注销、修改组织名、用户名。 3、远程键盘记录、鼠标控制、锁定键盘鼠标、模拟特别键功能。 4、远程注册表模拟器、快速注册表修改。 5、远程消息发送、远程进程控制。 6、远程查看剪贴板、当前活动窗体名、隐藏桌面图标、隐藏任务栏、隐藏开始按钮等。 7、远程系统命令、远程DOS命令。 8、远程屏幕抓图(可保存为图片)。 9、服务端自定义配置。可自行定义IP地址、连接端口、连接密码。 您可以根据自己的需要对该程序进行任意改 * 注意:严禁用本软件进行非法使用,否则后果自行负责,作者概不对使用此软件造成的一切后果负责!!! -Remote rebound Trojan software major functions : 1, remote file access. Including file upload and download documents. (SCH) renamed, deleted files, documents operation, document search, remote folder creation, distance to empty the folder, and so on. 2, remote shutdown, the launch, cancellation, change organizations, user name. 3, remote keyboard records, mouse control, lock keyboard and mouse to simulate the special function keys. 4, remote registry simulator, rapid changes registry. 5, remote messaging, remote process control. 6, remote View clipboard, current activities Form, and hide desktop icons, hide task bar, Start button, and other hidden. 7, remote system commands, remote DOS command. 8, remote screen From Wikipedia (saved as pictures). 9, since the definition of the server confi Platform: |
Size: 606208 |
Author:林封 |
Hits:
Description: Recub这是一款Windows平台下的远程控制工具 使用activex启动技术 英文介绍
RECUB Features.
1 RC4 Encripted Reverce connect Shell for XP,2k,2003.
2 Bypass Firewalls by starting new instance of Internet explorer and injecting code
3 Activate throw Encrypted ICMP request
5 No listning ports
6 No Process visible,injects into Explorer.exe on startup and exiting
6 Activex startup
7 Empty All Event Logs After exiting the shell.
8 We can use Netcat also for remote shell.
9 EXE size only 5.39 KB
Install
Copy to any folder like windows of system32 and run once
Uninstall
Just delete the exe file
and this key at
HKEY_LOCAL_MACHINE\Software\\Microsoft\\Active Setup\\Installed Components\\{H9I12RB03-AB-B70-7-11d2-9CBD-0O00FS7AH6-9E2121BHJLK}
HKEY_CURRENT_USER\Software\\Microsoft\\Active Setup\\Installed Components\\{H9I12RB03-AB-B70-7-11d2-9CBD-0O00FS7AH6-9E2121BHJLK}-Recub This is a Windows platform under the remote control tool to start using activex technology introduction in English RECUB Features.1 RC4 Encripted Reverce connect Shell for XP, 2k, 2003.2 Bypass Firewalls by starting new instance of Internet explorer and injecting code3 Activate throw Encrypted ICMP request5 No listning ports6 No Process visible, injects into Explorer.exe on startup and exiting6 Activex startup7 Empty All Event Logs After exiting the shell.8 We can use Netcat also for remote shell.9 EXE size only 5.39 KBInstallCopy to any folder like windows of system32 and run onceUninstallJust delete the exe file and this key atHKEY_LOCAL_MACHINESoftware \ Microsoft \ Active Setup \ Installed Components \ (H9I12RB03-AB-B70-7-11d2-9CBD-0O00FS7AH6-9E2121BHJLK) HKEY_CURRENT_USERSoftware \ Microsoft \ Active Setup \ Installed Components \ (H9I12RB03- AB-B70-7-11d2-9CBD-0O00FS7AH6-9E2121BHJLK) Platform: |
Size: 107520 |
Author:张京 |
Hits:
Description: 远程控制进程,可以启动和杀死进程,其中windows运用rpc控制,linux/unix运用telnet控制-Remote Control of the process, you can start and kill the process, in which windows to use rpc control, linux/unix use telnet to control Platform: |
Size: 25600 |
Author:杨先生 |
Hits:
Description: 远程控制,控制局域网内的电脑重新启动,远程控关机-Remote control, control of the LAN computer to restart, remote-controlled shutdown Platform: |
Size: 219136 |
Author:william |
Hits:
Description: 自己写的远程控制程序,可以修改远程机器的分辨率启动进程等-Write your own remote-control programs, you can modify the resolution of the remote machine to start the process Platform: |
Size: 40960 |
Author: |
Hits:
Description: 通过在远端主机上搭建一个远程字典服务服务器,其它主机可以通过客户端程序 RemoteLookup将所需要查询的单词传送给远程主机,远程主机字典服务服务器将单词的中文释义结果返回给客户端主机,在启动服务端后,即可用客户端在线查询单词,程序示范了运用没有封装的SOCKET以及Windows SDK编程的典型过程。
-Through the structures on the remote host a remote dictionary service server, other hosts can RemoteLookup client program will need to send word query the remote host, remote hosting service server dictionary word to return to the Chinese interpretation of the results to the client host, in client start-up services, you can use client-side online query word, the program has not demonstrated the use of packaging as well as the Windows SDK programming SOCKET typical process. Platform: |
Size: 103424 |
Author:王刚 |
Hits:
Description: DarkstRat2008 V1.0 开源版
1.系统信息:可以查看操作系统版本、Cpu类型、内存信息、杀毒软件、防火墙、硬盘大小等
2.文件管理:文件浏览、上传、下载、删除、运行 目录创建和删除。
3.超级终端:也就是telnet命令执行
4.进程管理:可以查看对方进程,并可以终止进程。
5.注册表管理:可以浏览、删除、新建、修改
6.服务管理功能:可以浏览、启动、停止、新建、删除
7.窗口管理功能:最大化、最小化、关闭、隐藏窗口、发送键盘信息。
8.发送消息:发送一些提示远程用户信息、可以返回用户的选择结果
9.恶作剧:鼠标抖动、锁定鼠标、颠倒鼠标按键、开启关闭光驱、隐藏桌面图标、禁用开始按钮、隐藏任务栏-DarkstRat2008 V1.0 open source version 1. System Information: You can view the operating system version, Cpu type, memory information, antivirus software, firewalls, hard drive size, etc. 2. Document Management: file browser, upload, download, delete, run directory created and delete. 3. HyperTerminal: that is, the implementation of telnet command 4. Process Management: You can view each other s process, and may terminate the process. 5. Registry Management: can browse, delete, new, modified 6. Service Management function: You can browse, start, stop, new, delete 7. Window management functions: to maximize, minimize, close, hidden window, send keyboard information . 8. Send a message: Send some tips remote user information, you can return to the user s choice of the results ... Platform: |
Size: 266240 |
Author:yysky |
Hits:
Description: 1.文件管理: 包括对文件的操作和打包下载.
2.终端命令: 其实就是Win下的"命令提示符",可以通过命令进行重启服务器等操作
3.远程桌面: 和Windows系统的"mstsc"基本上一样,可以远程管理桌面.
4.任务管理: 可以查看正在运行的程序的状态,并终止已停止响应的程序
5.服务管理: 启动、停止或重新启动服务.
6.系统信息: 可以查看CPU、内存、OS版本.... -1. Document management: including the operation and packaged documents to download. 2. Terminal command: Win is actually under the " command prompt" can be ordered, such as the resumption of operation of the server 3. Remote Desktop: and Windows systems " mstsc " basically the same, you can remotely manage the desktop. 4. Task Manager: You can view the process is running the state, and has ceased to respond to the termination of the procedure 5. Service Management: start, stop or restart the service. 6. System Information: Yes See CPU, memory, OS version .... Platform: |
Size: 12288 |
Author:出尘 |
Hits:
Description: Darkshell 是一款小巧的远程后门控制软件,它的特点是运行后不在进程里显示、没有用到动态链接库DLL、不添加启动项。这是v1.09的源代码,只供学习网络编程,不要用于其它用途。-Darkshell is a small back door of the remote control software, which is characterized by not running in the process show that did not use dynamic-link library DLL, do not add items to start. This is the v1.09 source code for learning network programming, not to be used for other purposes. Platform: |
Size: 850944 |
Author:146 |
Hits:
Description: 基于TCP的远程字典服务(RemoteLookup).通过在远端主机上搭建一个远程字典服务服务器,其它主机可以通过客户端程序 RemoteLookup将所需要查询的单词传送给远程主机,远程主机字典服务服务器将单词的中文释义结果返回给客户端主机.在启动服务端后,即可用客户端在线查询单词,程序示范了运用没有封装的SOCKET以及Windows SDK编程的典型过程。 -TCP-based remote dictionary service (RemoteLookup). By the remote host, build a dictionary services to the remote server, other hosts can be RemoteLookup client program will need to send a query word in the remote host, remote hosting services, server dictionary words English interpretation of the results returned to the client host. start the server, you can use client-side online query word, the program has not demonstrated the use of packaging SOCKET, as well as the typical Windows SDK programming process. Platform: |
Size: 102400 |
Author:336 |
Hits:
Description: DCOM程序:服务器端为DrawServ.exe,客户端为LibMgClient.exe,其他:因为DCOM的服务器端想要支持远程访问就必须在操作系统中进行注册,所以特意制作了一个批处理文件Install.bat作为注册服务器端程序使用,用这个文件启动后,看到提示就可以将命令行窗口关闭了。此时服务器端被注册进操作系统,通过系统的控制面板——>管理工具——>服务可以看到该服务,名称为DrawServ。想要启动服务器端监听程序,通过DrawServ.exe可以启动,此时会弹出小窗口,表示服务器端正在运行,如果需要关闭服务端程序,点击小窗口上的按钮就可以关闭服务端。如果需要从操作系统中删除该服务,使用批处理文件Uninstall.bat,运行该文件后,先前在系统中注册的DrawServ服务会被自动删除。两个批处理文件都需要放在DrawServ.exe的相同目录下运行。-DCOM process: server-side for DrawServ.exe, the client for the LibMgClient.exe, other: because DCOM server-side you want to support remote access must be registered in the operating system, so deliberately created a batch file Install.bat as Registration server-side programs to use, with this document started, you are prompted on the command line window can be closed. At this point the server is registered into the operating system, through the system control panel- "Administrative Tools-" Service you can see the service name DrawServ. Want to start the server-side listener, through DrawServ.exe can start a small window will pop up that the server is running, if you need to close the server-side program, click the button on the small window you can turn off server-side. If you need to remove the service from the operating system, use the batch file Uninstall.bat, run the file, previously registered in the system DrawServ service will be automatically deleted. Two batch files need to be Platform: |
Size: 2120704 |
Author:于游 |
Hits:
Description: DLL注入工具源码,包括远程线程注入以及启动暂停进程修改入口注入,另附后者需要的特殊DLL的源码-DLL injection tool source, including remote thread injection and start the process to modify the entrance into the suspension, which attached a special DLL source code need Platform: |
Size: 43008 |
Author:老灰 |
Hits:
Description: 整个程序就一个JSP文件,但是程序还是有特点的,比如跨平台,只要共享80端口,就可以用它来管理远程管理;客户端无论安装任何插件。
远程连接建立成功后,这个程序 可以完成文件的增、删、改名等以及打包下载;可以使用Win下的"命令提示符"终端命令进行服务器重启等操作;可以远程桌面、查看运行的程序的状态,并终止已停止响应的程序、启动、停止或重启部分服务、查看CPU、内存、OS版本等。
-The entire process on a JSP file, but the program still has features, such as cross-platform, as long as the shared port 80, you can use it to manage remote management install any plug-ins, whether the client. Remote connection is established successfully, this procedure can be completed files, delete, rename, etc. and package download can use Win under the " command prompt" command to the server restarts the terminal and other operations can remote desktop, view the status of running programs and the termination of the program has stopped responding, start, stop or restart some services, view CPU, memory, OS version and so on. Platform: |
Size: 15360 |
Author:李动 |
Hits:
Description: 自己写的远程控制程序源码,能修改远程程机器的分辨率启动进程等
-Start the process to write their own remote control program source code, can modify the resolution of the remote-way machine Platform: |
Size: 32768 |
Author:奉献 |
Hits:
Description: 代码功能:将动态链接库注入已运行的进程
用途: 用于拦截API测试。
程序用于开发api拦截功能的辅助测试用,当开发了一个api拦截应用的时候,需要频繁的注入,卸载于某进程。
本工具可以使得工作更为方便的进行,如可直接启动notepad进程并注入指定的动态链接库(此dll名称写死于代码内
,但可以很容易的修改成可配置的方式,不过一般没有必要),当然,也可指定进程id来注入
当年做加密保护的时候,API拦截的部分经常需要做此种测试,故有此工具诞生了。
原理:用远程线程方式注入DLL,此种方法很稳定,代码也经受了长期使用的考验。
注意:默认的注入的动态链接库的名字叫mydll.dll, 详情请搜索源码,你当然可以改了它。-Code function: dynamic link library into a running processUses: used to intercept API test.Procedures for the development of API blocking the function of auxiliary test, when developing a API intercept application, require frequent injection, in a process of unloading.This tool can make the work more convenient, such as direct start Notepad process and injected into the specified dynamic-link library ( DLL name died within the code, but can easily be modified into a configurable manner, but is generally not necessary ), of course, can also be specified to process ID to injectWhen do encryption protection, API intercept part often need to do this test, it is this tool was born.Principle: using remote thread injection of DLL, this method is very stable, the code also undergo long-term use of the test.Note: the default into a dynamic link library name is mydll.dll, please search source code, you can change it. Platform: |
Size: 25600 |
Author:f |
Hits:
Description: 利用WMI获取网卡地址 硬盘序列号 CPU序列号 操作系统ID,内容丰富,附带wbemuuid.lib, wbemidl.h, 不必再下载那么大的PlatformSDK_2003_February. WMI是一项核心的Windows管理技术,WMI作为一种规范和基础结构,通过它可以访问、配置、管理和监视几乎所有的Windows资源,比如用户可以在远程计算机器上启动一个进程;设定一个在特定日期和时间运行的进程;远程启动计算机;获得本地或远程计算机的已安装程序列表;查询本地或远程计算机的Windows事件日志等等。-
Use WMI access card address hard drive serial number serial number operating system CPU ID, rich in content, with wbemuuid.lib, wbemidl.h, do not have to download big PlatformSDK_2003_February. WMI is a core Windows management technologies, WMI as a norm and infrastructure, through which you can access, configure, manage, and monitor almost all Windows resources, such as the user can start a process on a remote computer device setting a running process on a specific date and time remote boot the computer get local or remote computer list of installed programs check local or remote computer s Windows event logs and so on. Platform: |
Size: 150528 |
Author:罗滨 |
Hits:
Description: 守护软件启动时自动启动设定的进程可以设定telnet远程登录-Guardian software automatically start the process of setting can be set when starting a Telnet remote login Platform: |
Size: 74752 |
Author:ndvfork |
Hits:
Description: 守护软件启动时自动启动设定的进程可以设定telnet远程登录(Guardian software automatically start the process of setting can be set when starting a Telnet remote login) Platform: |
Size: 73728 |
Author:organizl
|
Hits: