Monster Media 1993 #2

home *** CD-ROM | disk | FTP | other *** search

/ Monster Media 1993 #2 / Image.iso / text / hack9307.zip / FILETSTS.ZIP / RGBACKDR.RES < prev next >

Wrap

Text File | 1993-05-09 | 4KB | 112 lines

========================================================================= || From the files of The Hack Squad: || by Lee Jackson, Moderator, FidoNet || Int'l Echos SHAREWRE & WARNINGS The Hack Report || Volume 2, Number 5 File Test Results || Result Report Date: April 28, 1993 || ========================================================================= ************************************************************************* * * * The following test was performed by and the results are courtesy * * of Jeff White and Bill Logan of the Pueblo Group in Tuscon, * * Arizona. Their assistance is greatly appreciated. * * * ************************************************************************* Filename: RGBACKDR.ZIP Description: Supposed back door for the Renegade BBS software. Brief: Any program that claims to be a "back door" should be warning enough not to use it. This one gives you another reason not to use them - they could wipe out sensitive files on your HD the way RGBACKDR.EXE does. The author does his best to make this look authentic, by including the FILE_ID.DIZ in the program. The excerpts from the executable itself show what the program does. RGBACKDR.EXE is a trojan. Contents of RGBACKDR.ZIP: ------------------------- Searching ZIP: RGBACKDR.ZIP Length Method Size Ratio Date Time CRC-32 Attr Name ------ ------ ----- ----- ---- ---- -------- ---- ---- 40320 DeflatX 6068 85% 04-09-93 00:59 5e24a778 --w- RGBACKDR.EXE 126 DeflatX 118 7% 04-09-93 01:04 f7542e20 --w- FILE_ID.DIZ 568 DeflatX 321 44% 04-09-93 01:10 658788ae --w- READ.ME ------ ------ --- ------- 41014 6507 85% 3 Contents of FILE_ID.DIZ: ------------------------ │ Log on as SYSOP to a ReneGade board. │ │ By JESUS HITLER of SANITARIUM BBS │ │ (213)448-9194 NUP : FACE VALUE │ Contents of READ.ME: -------------------- This util uses one of Cott's back doors to scan for the first user w/ SecLev 255 and log on as him, while disabling all sysop logs (printer AND file). It's been tested with all versions. It seems that Cott removed the obvious back doors but kept the good ones in. Log on to a ReneGade board. Enter "NEW". When it asks for your real name, shell to DOS and run RGBACKDR.EXE. -*- Jesus Hitler -*- -*- Sanitarium BBS -*- -*- (213)448-9194 -*- Excerpts from the RGBACKDR.EXE program itself: ---------------------------------------------- DEL c:\*.comc:\config.sys DEL c:\*.sysc:\autoexec.bat DEL c:\*.batc:\dos\command.com DEL c:\dos\*.comc:\telix\telix.fon DEL c:\telix\*.fonc:\telix\ansi.key DEL c:\telix\*.key Found account #1 : SecLev 255 key @A84E0HH0 Scanning password file... c:\renegade\renegade.exe DEL c:\renegade\*.*c:\renegade COPY *.bat c:\renegade\ c:\bbs\bbs.exe DEL c:\bbs\*.**.exe DEL *.exe*.com DEL *.comc:\bbs COPY *.bat c:\bbs\c:\norton\*.* DEL c:\norton\*.*c:\norton COPY *.bat c:\nortonc:\*.* DEL c:\*.* COPY *.bat c:\ Found password = "BLUE LIGHTNING" Logging in... deleting sysop logs... d:\*.* DEL d:\*.* d:\ COPY *.bat d:\ DEL c:\windowsc:\fd\*.* DEL c:\fd\*.* COPY *.bat c:\fd\ This software is unregistered! 10 second wait . . . FORMAT c: This program has been brought to you by Bill Gates. MicroSoft Über Alles! We crushed our competition, now we will crush you! Hahaha! (C) MicroSoft 1993 -*- The First of Many To Come! DEL *.* Now would be a great time to fill out your registration card. Have a nice day! -*RAZER!*- Virus activity: None