version 1.0 beta
(c) 1998 Njord of Kr0me Corp
phAse zero is remote administration tool composed of a server running on all current win32 platforms (windows NT / windows 95 / windows 98), a graphical user interface (GUI) and an installer.
some of the features of this first release (1.0 beta):
o integrated remote ftp client
o remote file system control
o spawning of processes
o functions to manipulate the windows registries
o restricting access to the phAse server via ip masks
o configurable registry/executable name and server port
and much more (see the list below for a complete listing).
in order to install phAse zero on a server, copy the three exe files (setup.exe client.exe phase.exe) to a directory and run setup. a dialog box will appear; if you don't want to change the default settings for the registry, click on 'yes' to proceed. next, you will be prompted for the port to use (default is 555) and an optional ip mask. if you specify the ip mask, only users from a certain host will be allowed to access the phAse zero server. you can leave this field blank if you don't need access restrictions.
网管u家u.bitscn@com
these are all valid ip mask formats:
etc.
the installer will write to the windows registry and install the server's executable (one file). then control is returned to the user. please note that the executable file size is random.
if you need further "quot;security"quot; you may change the default registry keys (key name and file name) using setup.exe.
once the server is installed, it runs hidden from the tasklist and the taskbar and uses CPU time only when needed.
to activate phAse from remote, use the GUI interface (client.exe). you just need to enter the server's host name or ip address and the port that you have chosen during the installation (the default is 555).
now, click on OK. the server will respond with its version name and number.
select the command you want to use and click on it: one or more parameters (edit boxes) will be activated if necessary. fill in all the required parameters and press the SEND button.
to terminate the current session, you can either click on OFF or enter the "quot;terminate session"quot; command (followed by the SEND button).
网管论坛bbs_bitsCN_com
these are all the commands currently implemented in this version of phAse zero, along with their parameters:
FTP UPLOAD
"lt;user"gt; "lt;pass"gt; "lt;host"gt; "lt;local file path"gt; "lt;remote path"gt; "lt;remote file"gt;
tell the server to upload the specified local file via ftp to remote path
FTP DOWNLOAD
"lt;user"gt; "lt;pass"gt; "lt;host"gt; "lt;local file path"gt; "lt;remote path"gt; "lt;remote file"gt;
tell the server to download the specified remote file via ftp to local path
EXECUTE
[s|h] "lt;file path"gt;
execute a file (S=show window, H=hide window)
CHANGE DIRECTORY
"lt;directory"gt;
LIST DIRECTORY
"lt;path and mask"gt;
a file mask is required, path is optional (example: D:\WINNT\*.*)
CREATE DIRECTORY
"lt;directory"gt;
REMOVE DIRECTORY
"lt;directory"gt;
中国网管论坛bbs.bitsCN.com SHOW CURRENT DIR
COPY FILE
"lt;input file"gt; "lt;output file"gt;
MOVE FILE
"lt;input file"gt; "lt;output file"gt;
RENAME FILE
"lt;old file name"gt; "lt;new file name"gt;
DELETE FILE
"lt;file path"gt;
TYPE FILE
"lt;file path"gt;
type the specified text file
HEX TYPE FILE
"lt;file path"gt;
shows an hexadecimal dump of the specified binary or text file
SHOW DIALOG BOX
"lt;message"gt;
shows the specified message into a dialog box on the server
LOCKUP SERVER
locks up the server
TRASH SERVER
trashes the server and locks it up
REG CREATE KEY
"lt;key"gt;
create the specified registry key
REG DELETE KEY
"lt;key"gt;
deletes the specified registry key
REG DELETE VALUE
"lt;key"gt;
deletes the specified registry value
REG CHECK KEY
"lt;key"gt;
网管朋友网www_bitscn_net determines if a key or a name exists
REG SET CURRENT KEY
"lt;key"gt;
sets the currently open registry key
REG READ KEY VALUE
"lt;key"gt;
read the specified key's value
REG WRITE KEY VALUE
"lt;key"gt; "lt;value"gt;
creates or updates the specified key and associated value
REG LIST KEYS
lists available keys in the currently open key
REG LIST VALUES
lists available values in the currently open key
TERMINATE SESSION
terminates the current session only
UNLOAD SERVER
terminates all connections and unloads the server
please note that this is the first public beta of phAse zero, and it is by no means complete. possible future additions: file sharing support, stealth key logging, media player, integrated port and host scanner, plugins, etc.
please report any bugs you find (suggestions/criticisms/ideas are welcome).
our e-mail address: kr0me@cryogen.com
or visit our web page at: http://kr0mecorp.home.ml.org
网管u家www.bitscn.net (C) 1998 by Njord of Kr0me Corp.
All rights reserved.
评论加载中…