CAFEiNi 0.9 - CAFEiNi's back (updated)

NEW GENERATION OF WIN95/98/2000/NT BACKDOORS
(FOR REMOTE COMPUTER CONTROL)

1. Why CAFEiNi is better than other backdoors (like NetBus):
-can kill more than 20 Windows antiviruses and antibackdoors from memory
-doesn't install itself into the registry (when possible)
-written in Visual C++ (smaller and faster than Delphi)
-you can control the remote computer by telnet (eg. from Unix)
-works on Windows 95/98 and also Windows NT/2000
-with CAFEiNiclient you can control multiple computers (eg. open CD-ROM doors on 10 computers with one button click)
-full multitasking (eg. you can upload and download files at the same time from multiple computers)
-some new backdoor commands (especially for the desktop)
-automatic update of the server by http

2. What's CAFEiNi.
CAFEiNi consists of two programs for Windows 95/98/2000/NT: the server "CAFEiNi.exe" and the client "CAFEclnt.exe". The server gives the client the ability to remotely control the computer on which the server is installed. You have control that is sometimes greater than that of the user of the computer with the installed server. Additionally, the client can be replaced with any telnet client, so you can control a Windows computer from Unix, Linux... But "CAFEclnt.exe" also gives you a port scanner and lets you control multiple computers (eg. open CD-ROM doors on all computers (servers) with one button click).

3. How to try without installing server.
You can start the server with the "/noinstall" option: "cafeini.exe /noinstall", and the server doesn't install itself into the system. The next time you start the computer, the CAFEiNi server isn't installed. You can also start the server and the client on one computer (enter "127.0.0.1" in the client), but some commands may not work or may work poorly.

4. How to install server.
It's very simple: you have to run "cafeini.exe" (the server) on the victim's computer. If you don't have physical access to the victim's computer, send it to the victim by FTP, IRC, ICQ... You can rename "cafeini.exe" to another name, eg. "update.exe". When the victim runs this program you will have remote access to the victim's computer.

5. How to connect (get remote control).
a) from CAFEiNiclient ("cafeclnt.exe" works on Windows 95/98/NT): enter the victim's host name or IP (the default port is 51966 (0xCAFE)), click "connect", and if the server is installed and the computer is connected to the Internet (or your network) you'll be connected,
b) from any telnet client (all kinds of computers): enter the command "telnet <host> 51966", where <host> is the victim's host name or IP (eg. from Windows click "Start", click "Run" and enter something like this: "telnet 107.3.45.11 51966")

6. How to remove server.
You must find all files on the hard disk with the same size as the server (you can use Dos Navigator's Find option and then Advanced). When you have this file (or these files), you must find the file(s) with the same content as the server (you can use the dos file compare "fc server.exe something.exe"). When you find the CAFEiNi server(s) you can delete the file. But if the server is started, you can't delete its executable file in Windows (close Windows and use dos "del filename.exe").

7. Killing of antiviruses and antibackdoors.
The CAFEiNi server can kill many antiviruses and antibackdoors from memory. But it must be started before any antivirus monitor that detects it, because otherwise the CAFEiNi server can't be started.

CAFEiNi server kills these antiviruses from memory:
AntiViral Toolkit Pro AntiVirus eXpert Anywhere AntiVirus Avast32 AVK SCAN eSafe Protect F-Secure AntiVirus F/WIN32 FIBER Anti Virus Integrity Master Intel LANDesk Virus Protect McAfee VirusScan MkS_Vir Norton AntiVirus Panda AntiVirus PC-cillin Quick Heal Romanian AntiVirus Pro Sophos Anti-Virus Sweep ThunderBYTE AntiVirus VirusSafe Web

CAFEiNi server kills these antibackdoors from memory:
HookProtect LockDown The Cleaner TrojanDefenseSuite

8. If you want help (bug reporting).
If you detect bugs in the server, please send a bug report to the authors. If you can, please also include a log file created in this way: start the server with the option "/debug=\" (eg. "cafeini.exe /debug=c:\cafeini.log") and repeat what you did when you detected the bug.

9. Program system requirements.
-computer with Windows 95/98/2000/NT
-installed TCP/IP

10. Licence.
The authors don't take any responsibility for damages caused by this program. You may not use this program for purposes that are against the law.

11. Contact with authors:
E-mail:
cafeini@viper.pl
cafeini@kki.net.pl
WWW:
http://viper.pl/~cafeini
http://kki.net.pl/~cafeini
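
The removal procedure from section 6 (filter by file size, then compare contents), written as an added Python example that is not part of the original README or the authors' code. It assumes you already hold a reference copy of the server file; the function names and the sample tree are constructed for illustration.

```python
import filecmp
import os
import tempfile

def find_identical_copies(reference, root):
    """Return sorted paths under root that are byte-for-byte copies of reference."""
    ref_real = os.path.realpath(reference)
    ref_size = os.path.getsize(reference)
    matches = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                if os.path.islink(path) or os.path.realpath(path) == ref_real:
                    continue  # skip links and the reference sample itself
                # Step 1 of section 6: cheap filter on file size.
                if os.path.getsize(path) != ref_size:
                    continue
                # Step 2: full content comparison (the job "fc" does).
                if filecmp.cmp(reference, path, shallow=False):
                    matches.append(path)
            except OSError:
                continue  # unreadable or vanished file
    return sorted(matches)

def demo():
    """Build a constructed sample tree and return the copies found in it."""
    with tempfile.TemporaryDirectory() as root:
        sample = b"MZ" + b"\x00" * 62 + b"constructed-sample"  # placeholder bytes
        def put(rel, data):
            full = os.path.join(root, rel)
            os.makedirs(os.path.dirname(full), exist_ok=True)
            with open(full, "wb") as fh:
                fh.write(data)
            return full
        ref = put("quarantine/server.exe", sample)
        put("windows/update.exe", sample)                # renamed copy (section 4)
        put("windows/notepad.exe", sample[:-1] + b"X")   # same size, other content
        put("temp/readme.txt", b"short")                 # different size
        found = find_identical_copies(ref, root)
        return [os.path.relpath(p, root).replace(os.sep, "/") for p in found]

if __name__ == "__main__":
    print(demo())
```

Because section 4 says the server can be renamed, the match is made on size and content only, never on file name. A file that is the same size but differs by even one byte is not reported.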