.: ConsoleDevil 1.2 :.

Additional Details

• Coded by: MySelf
• Version: ConsoleDevil 1.2
• Released date: Jul 2006, 16 years, 1 month ago.
• Family: ConsoleDevil
• Category: Remote Access

MegaSecurity Notes

Server:
dropped file:
c:\WINDOWS\system32\server.exe
size: 10,800 bytes 

startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "ConsoleDevil"
data: C:\WINDOWS\System32\server.exe 
 

tested on Windows XP
July 15, 2006

Author Words

1) Introduction
ConsoleDevil is a Small RAT (Remote Administration Tool) that lets you
take control over a remote computers windows console (command prompt)
from where you can do almost everything such as pinging servers, 
browse directories,... and if you still need more functions you can easily download tons of commandline tools.


2) Features
- Reverse connection
- Firewall bypass (Using Code injection)
- Small serversize: 13kb Unpacked
- Remote Console
- Persistant server
- Web Downloader

3) Manual

Install directory: For the install directory you can use environment variables, for example %systemroot% will be replaced
with C:\Windows,E:\Windows,... there are more aviable like: %SystemDrive%, %Temp%
Notice: Make sure this ends with .exe!

Persistant: If this function is activated the server will be rewritten when deleted and
the process restarted when killed. 
Notice: It could be hard to remove the server from the remote computer!

Injection: The process in that the server should be injected.
Notice: Not all processes work! If you don't know what you are doing leave this on default.

Download: The downloads are stored in the directory the server is installed, for example C:\Windows.
After the download is finished the server will tell you through console output.

MySelf