Before you can use Back Orifice 2000 (BO2K), you must configure the default parameters for the server component. You can't change some parameters after the server is running; instead, you must stop the BO2K server before reconfiguring these parameters.
| File Transfer | |
| File Xfer Net Type | This parameter specifies the protocol to use when sending files back and forth to the server. Options include TCPIO and UDPIO, where each selection represents the TCP or UDP protocol, respectively. |
| File Xfer Bind String | The bind string usually consists of only a port number, which you can set to RANDOM or hard code to a specific port number. During my tests, I left this parameter set to RANDOM. |
| File Xfer Encryption | This parameter is the default encryption type that the server uses during file transfers. Options include XOR or 3DES. During my tests, I used 3DES for all encryption requirements. |
| File Xfer Auth | Although this parameter is for user authentication, BO2K doesn't support user authentication, so always leave this parameter set to NULLAUTH. |
| TCPIO | |
| Default Port | This parameter sets the default TCP port for client/server connections. |
| UDPIO | |
| Default Port | This parameter sets the default UDP port for client/server connections. |
| Built-in | |
| Load XOR Encryption | When you enable this parameter, it instructs the server to load its built-in support for XOR encryption. When you disable the parameter, no XOR communication can take place. |
| Load NULLAUTH | When you enable this parameter, it lets NULL user authentication take place. Because BO2K doesn't support multiuser authentication, leave this set to enabled. |
| Load UDP IO Module | When you enable this parameter, it causes the BO2K server to load UDP traffic support upon startup. If you leave this module disabled, no UDP sessions can take place. |
| Load TCP IO Module | When you enable this parameter, it causes the BO2K server to load TCP traffic support upon startup. If you leave this module disabled, no TCP connections can take place. |
| XOR | |
| XOR Key | This parameter specifies the XOR encryption key that the server uses to encrypt XOR-based communications. Any client attempting to connect to a BO2K server must also have this key to connect successfully. |
| Startup | |
| Init Cmd Net Type | This parameter specifies the default network transport for client/server communications. Configure this setting for either TCPIO or UDPIO. |
| Init Cmd Bind String | The bind string typically consists of only a port number for the server to listen on for incoming client connections. You can use this parameter to specify any unused port. |
| Init Cmd Encryption | This parameter specifies the default encryption type that the server uses to encrypt communications between itself and any clients. Configure this setting for either XOR or 3DES, where 3DES is the more secure of the two encryption types. |
| Init Cmd Auth | Although BO2K doesn't support user authentication subsystems, this parameter specifies these settings. Leave this parameter set to NULLAUTH. |
| Idle Timeout | This parameter specifies the amount of time (in milliseconds) that a client can remain idle before the server forces a disconnection. The default setting is 60,000 milliseconds, or 60 seconds. |
| Stealth | |
| Run At Startup | When you enable this parameter, it causes the BO2K server service to start automatically during a system boot sequence. |
| Delete Original File | When you enable this parameter, BO2K server will delete its original executable file upon startup. |
| Insidious Mode | This parameter causes BO2K server to rename itself in such a way that Windows Explorer can't see the file correctly when browsing directories. Enabling this setting causes the server to rename the executable file with approximately 254 spaces as a prefix to its filename so that tools such as Windows Explorer can't properly display the filename. |
| Runtime Pathname | This parameter lets the user spoof the executable's pathname in an effort to mislead anyone who might be examining process details on the system. The default setting is umgr32.exe, but you can rename the file to any name you choose. |
| Hide Process | When you enable this parameter, it causes BO2K to hide from the Processes list as seen under Task Manager or Pviewer. BO2K successfully hides by appending onto the end of a legitimate, executing system process. Therefore, if you enable this feature, you must set the Hide Process Name parameter to the exact name of a process already running on the system where BO2K will run; otherwise, the BO2K server won't start. For example, explorer.exe is usually running on all Windows NT 4.0 systems, so using that filename would be a good choice. |
| Host Process Name | This parameter specifies the name of a live process on the server where BO2K server will run. You can configure this setting to be any service name that is always running on the remote computer. Just remember that if you stop the named service, BO2K server will also stop, and you'll have to manually restart the server and the named service to regain access to the BO2K server. |
| Service Name (NT) | This parameter defines the service name you use to present the BO2K server service when viewing services in the Control Panel Services applet. This parameter is only relevant when you're configuring BO2K server to run at startup, in collaboration with Host Process Name. |
| 3DES | |
| 3DES Key String | This parameter specifies the Triple Data Encryption Standard (DES) encryption key that the server uses to encrypt 3DES-based communications. Any client attempting to connect to a BO2K server must also have this key to connect successfully. |
| BOPEEP | |
| VidStream X Res | This parameter specifies the video-display-screen width. For easier viewing, set this parameter to 640. |
| VidStream Y Res | This parameter specifies the video-display-screen height. For easier viewing, set this parameter to 480 when setting the X Res parameter to 640. |
| VidStream Net Module | This parameter specifies the network protocol the BOPEEP plugin uses for video hijacking sessions. Set this parameter to either TCPIO or UDPIO. |
| VidStream Bind Str | You typically use this parameter to specify the default port that the video capture service will listen on for client connections. The BOPEEP client also requires this parameter to connect to a video stream. |
| VidStream Encryption | This parameter specifies the encryption type for video session traffic. Set this parameter to either XOR or 3DES, where 3DES is the stronger of the two encryption systems. |
| VidStream Auth | This parameter is reserved for user authentication support, which BO2K doesn't provide. Leave this parameter set to NULLAUTH. |
| Hijack Net Module | This parameter specifies the network protocol you use for keyboard and mouse hijacking sessions. Set this parameter to either TCPIO or UDPIO. |
| Hijack Bind Str | You typically use this parameter to specify the default port that the keyboard and mouse capture service will listen on for client connections. The BOPEEP client also requires this parameter to connect to the server. |
| Hijack Encryption | This parameter specifies the encryption type for keyboard and mouse hijacking sessions. Set this parameter to either XOR or 3DES, where 3DES is the stronger of the two encryption systems. |
| Hijack Auth | BO2K has reserved this parameter for user authentication support, which BO2K doesn't provide. Leave this parameter set to NULLAUTH. |
1 comment
Hide comments
