NT Clients subject to New Trojan

NetBus
Reported August 12, 1998 by Carl-Fredrik Neikter

VERSIONS AFFECTED

• Windows NT

DESCRIPTION

Carl has developed and released a program called NetBus that could be used by a malicious intruder as a trojan remote control application on Windows NT systems. According to Carl, the following things are possible with NetBus loaded on an remote NT system.

• Open/Close CD-ROM
• Show optional BMP/JPG image.
• Swap mouse buttons.
• Start optional application.
• Play a wav file.
• Control mouse.
• Show different kind"s of messages.
• Shut down Windows.
• Download optional file.
• Go to an optional URL.
• Send keystrokes.
• Listen for and send keystrokes.
• Take a screendump.
• Increase and decrease the sound-volume.
• Record sounds from the microphone.
• Upload optional file.
• Make click sounds every time a key is pressed.

DEMONSTRATION CODE:

Download NetBus (500K) from this site now.

MICROSOFT"S RESPONSE:

Unknown at this time.

To learn more about NT Security concerns, subscribe to NTSD

Copyright (C) 1998 - M.E. -- ALL RIGHTS RESERVED
Unauthorized duplication expressly prohibited
LINK TO THIS PAGE INSTEAD OF VIOLATING OUR COPYRIGHT