New SubSeven Trojan unleashed
Kevin Poulsen, SecurityFocus 2001-03-13

SubSeven 2.2 makes Back Orifice look tame.

You are not 'safe' 2001-03-13
Anonymous
Behind of firewall. 2001-03-13
marceloreyes (at) netscape (dot) net [email concealed] (3 replies)
Behind of firewall. 2001-03-14
Someone (2 replies)
Behind of firewall. 2001-03-15
youps (at) hotmail (dot) com [email concealed] (1 replies)
Behind of firewall. 2001-03-16
mailsander (at) gmx.net (dot) no-s [email concealed]pam (1 replies)
Behind of firewall. 2001-03-16
Futien
Behind of firewall. 2001-03-25
Metallist
Behind of firewall. 2001-03-22
Karmic Resonance
Re: Behind of firewall. 2007-04-20
Anonymous
Safe? 2001-03-14
FS
Subseven 2.2 IS NOT A REMOTE ADMINISTRATION TOOL!!! 2001-03-14
David Mills (1 replies)
Subseven 2.2 IS NOT A REMOTE ADMINISTRATION TOOL!!! 2001-03-14
SilenceGold (2 replies)
MASTER PASSWORD? 2001-03-15
Concerned (1 replies)
MASTER PASSWORD? 2001-03-16
CL
not safe 2001-03-15
av
Subseven Startup 2001-03-15
Dark Avenue (4 replies)
Subseven Startup 2001-03-16
cPtHoWdY
Subseven Startup 2001-03-17
Anonymous
Subseven Startup 2001-03-22
dan
Subseven Startup 2001-03-22
Karmic Resonance
You appear a little confused. 2001-03-16
HeLLfiReZ Sub7 Developer
It appears there is much confusion here judging by the varied postings I have just read.

Yes, SubSeven is a remote administration tool (legit or not legit); you decide. A gun or a hammer can be used for either legitimate purposes or illegitimate purposes, and that decision lies with the end user. We supply a software product free of charge for anybody to download and use in whatever way they will.

This program represents hours of our free time developing, testing and coming up with new and radical ideas. Many of the ideas have made people sit up and think and yes we have a lot more even more radical ideas thought out and researched ready for implementation in our stable version 2.3 releasable in 2-3 weeks time with IRC Bot plugin and SDK.

You may also notice now that Sub7 hides from process managers and non-DOS-based netstat outputs. Nowhere yet have I seen any knowledgeable security writer make any reference to this.

I tend to agree with SilenceGold on his summary of SubSeven as remote administration. With or without permission it is still remote administration whichever way you look at it.

As for file extensions, you can use *.exe *.com *.bat *.pif *.scr *.hta *.vbs *.shs if created properly into a shell scrap file (a simple rename will not work), plus many others. Also note that a file can be joined to the server to make any extension executable. It's possible to name your server package *.ggg and have a small program associate *.ggg as executable. Obviously the joined file that made *.ggg executable would have to be an executable of some description in the first place.

Regards HeLLfiReZ for more information IRC subseven.mine.nu 6667 #subseven our realtime assistance channel or hellfirez65 (at) yahoo (dot) com [email concealed]

Link to this comment: http://www.securityfocus.com/comments/articles/171/4949#4949
I think I got hit by it... tips for other victims. 2001-03-16
kilonad (at) hotmail (dot) com [email concealed]
however.. 2001-03-18
ahmed rhashad muhammed aleki
Using Sub7 legitimatly 2001-03-19
dafunks (1 replies)
Re: Using Sub7 legitimatly 2007-06-19
Anonymous
sub seven is tame 2001-03-20
The Achtzhen
Sub7 2001-03-21
surferUSA
SubSeven is the Powerhouse. 2001-03-21
C Y B E R C O N







 

Copyright 2009, SecurityFocus