.: ConsoleDevil 1.2 :.
Released 16 years, 1 month ago. Jul 2006
By MySelf::actions
Additional Details
- Coded by: MySelf
- Version: ConsoleDevil 1.2
- Released date: Jul 2006, 16 years, 1 month ago.
- Family: ConsoleDevil
- Category: Remote Access
MegaSecurity Notes
Server: dropped file: c:\WINDOWS\system32\server.exe size: 10,800 bytes startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "ConsoleDevil" data: C:\WINDOWS\System32\server.exe tested on Windows XP July 15, 2006
Author Words
1) Introduction ConsoleDevil is a Small RAT (Remote Administration Tool) that lets you take control over a remote computers windows console (command prompt) from where you can do almost everything such as pinging servers, browse directories,... and if you still need more functions you can easily download tons of commandline tools. 2) Features - Reverse connection - Firewall bypass (Using Code injection) - Small serversize: 13kb Unpacked - Remote Console - Persistant server - Web Downloader 3) Manual Install directory: For the install directory you can use environment variables, for example %systemroot% will be replaced with C:\Windows,E:\Windows,... there are more aviable like: %SystemDrive%, %Temp% Notice: Make sure this ends with .exe! Persistant: If this function is activated the server will be rewritten when deleted and the process restarted when killed. Notice: It could be hard to remove the server from the remote computer! Injection: The process in that the server should be injected. Notice: Not all processes work! If you don't know what you are doing leave this on default. Download: The downloads are stored in the directory the server is installed, for example C:\Windows. After the download is finished the server will tell you through console output. MySelf
URL's and mails were automatically redacted (filtered) for reader's safety. However the filter is not perfect and can't find all harmful elements. If you find something dangerous including file link, website, mail address, profanity... contact me immediately at sub7crew@protonmail.com, thank you in advance.