Re: bd - Win2k backdoor

[Andreas Junestam <andreas () atstake com>]

Hi Parth,

Whoa, Im surprised to see that people actually are using it! :) Cool
bd has moved on and become bd2, with some new features:
* Injects itself as a dll under services.exe
* New, "stealthy" reboot protection
* Kernel driver to hide the backdoor files from userspace
The rest is still done the same way as before...

But, this hasn't been worked on for 4-5 months, so Im no 100% about the
current build state. Drop me an e-mail if you want a copy of it, since
it is not currently posted to any web-space. Will be posted on
darklab.org
sometime in the future (read: when I finaly have some spare time for
it.. :) )

Regards
Andreas

Parth Galen wrote:
> Does anyone know where I can get a copy of bd? It was at labs.defcom.com/releases/bd/ but is no longer there. I am 
> wanting to use this rather than nc in a pentest to prove the point that local portscanning as an intrusion detection 
> method is not enough.
>
> Cheers,
> Parth
>
> ----------------------------------------------------------------------------
> This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
> Service. For more information on SecurityFocus' SIA service which
> automatically alerts you to the latest security vulnerabilities please see:
> https://alerts.securityfocus.com/

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/