by akcom
Written in Delphi
Released in April 2004
manslut uploader v1 rc4 by akcom
compiled 4/11/2004
this a reverse connection sin trojan... um... thats it
public beta #1
beta #7
keep in mind...
1) the server field in the editor should/can be a dynamic dns address that you have the backdoor connect
or a static address (not recommended)
2) remote file in upload and download can include the following strings: %WINDIR%, %SYSDIR%, %TMPDIR%.
they will be translated accordingly, (ie %WINDIR%\test.exe = C:\Windows\test.exe)
3) clicking on a client will 'activate' the client, bringing up all its information (proc list, sys info, remote cmd, etc)
4) to stop a remote cmd prompt just send 'exit' w/o the quotes
5) you will need to open 61804, the transfer port (displayed at runtime), and whatever port you select for the
backdoor to connect on
6) the server uses the Active Setup startup method with a randomly generated GUID (reduce sig)
akcom
Client:
port: 61804 TCP
Server:
c:\WINDOWS\myfile.exe
size: 8.704 bytes
startup;
HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{3D54367D-420F-434a-8761-383F217755AA} "StubPath"
MegaSecurity