DigiSpark-Payloads/payloads/BackDoor
Muhammad Talha Khan ef45d4b83c
Rename GoodOl' BackDoor to GoodOl' BackDoor.ino
2019-05-31 23:45:38 +05:00
GoodOl' BackDoor.ino Rename GoodOl' BackDoor to GoodOl' BackDoor.ino 2019-05-31 23:45:38 +05:00
README.md Update README.md 2019-05-31 23:45:05 +05:00
Remote_BackDoor.ino Add files via upload 2019-02-17 19:20:21 +05:00

README.md

BackDoor

Description:

1: Remote_BackDoor.ino:

Creates an account with admin privileges, with the name blanka and the password Ping@123. It also hides the account from the login screen and turns on Remote Desktop so the machine is accessible from a remote location.

Tested on:
OS: Windows 10
User: Admin User
Hardware: ATtiny85 (Chinese)

2: GoodOl' BackDoor.ino:

Based on the old sticky keys backdoor trick, but it adds a registry key instead of replacing the file in the system32 directory. After a successful run, press Shift 5 times on the login screen and a command prompt will pop up with admin privileges.

To remove the backdoor, run the following command in a command prompt with admin privileges:

REG DELETE "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sethc.exe"

Tested on:
OS: Windows 10/7
User: Admin User
Hardware: ATtiny85 (Chinese)
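
An added example, not part of the original repository: a read-only PowerShell check for the registry key that item 2 describes, so a machine can be audited before the REG DELETE command above is run. It assumes the backdoor is registered as a Debugger value under the Image File Execution Options key, and it goes beyond sethc.exe to the other accessibility programs that can be started from the login screen; the function name Get-IfeoFinding is hypothetical.

```powershell
# Added example: read-only audit for IFEO entries on accessibility binaries.
# Assumption: the backdoor sets a "Debugger" value under the binary's
# Image File Execution Options (IFEO) subkey. Run from an elevated prompt.
$ifeoRoot = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options'

# Accessibility programs reachable from the login screen (detection scope).
$accessibilityImages = 'sethc.exe', 'utilman.exe', 'osk.exe',
                       'magnify.exe', 'narrator.exe', 'displayswitch.exe'

function Get-IfeoFinding {
    param(
        [string]   $Root   = $ifeoRoot,
        [string[]] $Images = $accessibilityImages
    )
    foreach ($image in $Images) {
        $key = Join-Path $Root $image
        if (-not (Test-Path -LiteralPath $key)) { continue }   # no subkey: clean

        # Get-ItemProperty returns $null for a key with no values.
        $props = Get-ItemProperty -LiteralPath $key
        [pscustomobject]@{
            Image    = $image
            Key      = $key
            Debugger = $props.Debugger          # $null when the value is absent
            Suspect  = [bool]$props.Debugger    # true only if a Debugger is set
        }
    }
}

$findings = @(Get-IfeoFinding)
if ($findings.Count -eq 0) {
    Write-Output 'No IFEO subkeys exist for the accessibility binaries checked.'
} else {
    $findings | Format-Table Image, Suspect, Debugger -AutoSize -Wrap
    if ($findings | Where-Object Suspect) {
        Write-Warning 'A Debugger value is set on an accessibility binary. Record the value, then remove the key.'
    }
}
```

A row with Suspect set to True for sethc.exe corresponds to the key that the REG DELETE command removes.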