Apr 27, 2011

NTSD Backdoor [it's very easy to create a backdoor]

NTSD (Microsoft NT Symbolic Debugger) is a debugger that is packaged as part of Windows.  You can find ntsd.exe in your system32 directory.

It really doesn’t matter what port you use or what application you choose to “debug.” Now, on the remote machine, connect to the server:

Now that we’re connected we can start issuing commands.

Of course, the obligatory ipconfig

How about adding a user?
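For defenders, the behaviour described above (ntsd.exe reachable over a port, then commands such as ipconfig run through the session) can be hunted by correlating process and network telemetry. The following is an added example, not part of the original post: the event schema, host names, PIDs, port and addresses are constructed, and it assumes that commands issued through the debugger show up as descendants of ntsd.exe.

```python
import ntpath

DEBUGGERS = {"ntsd.exe"}  # image names to watch
SYS32 = "C:\\Windows\\System32\\"

def proc(host, pid, ppid, name):
    return {"type": "process", "host": host, "pid": pid, "ppid": ppid, "image": SYS32 + name}

def conn(host, pid, port, peer):
    return {"type": "network", "host": host, "pid": pid, "local_port": port, "remote_ip": peer}

# Constructed sample telemetry (not real logs); the schema is hypothetical.
EVENTS = [
    proc("WS01", 4120, 3000, "ntsd.exe"),
    conn("WS01", 4120, 4444, "10.0.0.23"),    # debugger process with a network peer
    proc("WS01", 4130, 4120, "notepad.exe"),  # the application being "debugged"
    proc("WS01", 4200, 4120, "cmd.exe"),
    proc("WS01", 4210, 4200, "ipconfig.exe"),
    proc("WS01", 4220, 4200, "net.exe"),
    proc("DEV02", 900, 800, "ntsd.exe"),      # local debugging, no network events
    conn("WS01", 5000, 443, "10.0.0.50"),     # unrelated process
]

def find_networked_debuggers(events):
    """Return one finding per debugger process that also has network activity."""
    procs, children, net = {}, {}, {}
    for e in events:
        key = (e["host"], e["pid"])
        if e["type"] == "process":
            procs[key] = e
            children.setdefault((e["host"], e["ppid"]), []).append(key)
        else:
            net.setdefault(key, []).append(e)
    findings = []
    for key, p in procs.items():
        if ntpath.basename(p["image"]).lower() not in DEBUGGERS or key not in net:
            continue
        # Assumption: commands run through the session appear as descendants of ntsd.exe.
        stack, spawned = [key], []
        while stack:
            for child in children.get(stack.pop(), []):
                spawned.append(ntpath.basename(procs[child]["image"]).lower())
                stack.append(child)
        findings.append({"host": key[0], "pid": key[1],
                         "ports": sorted({n["local_port"] for n in net[key]}),
                         "peers": sorted({n["remote_ip"] for n in net[key]}),
                         "spawned": sorted(spawned)})
    return findings

if __name__ == "__main__":
    for finding in find_networked_debuggers(EVENTS):
        print(finding)
```

A debugger used only locally (DEV02 in the sample) produces no finding; PID reuse is not handled, so real telemetry should be keyed on a process GUID or start time as well.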


Source: http://www.securityaegis.com/ntsd-backdoor/

