Be Brave to Get Work Done - I was woken up this morning from a call from work. Not a good sign. Apparently the customer found a potential problem in our delivery. I got on a conferen...
SubSeven has a lot of capabilities. You can log keystrokes. You can capture webcam images. You can edit the target computer registry. You can record from the microphone. And you can take screen shots. It has a computer style translator to speak on your behalf to the user. The server program will be relaunched in a unique way. It chains into Windows so that when any program is launched, SubSeven will also get restarted if it is down.
SubSeven comes as a couple programs: a server to install on the target machine, a client that allows you to take control of the target, and an editor to configure the server. The client has a graphical user interface. This client shows when targets are online. The server program installs in the Windows directory.
The name of the server is "server.exe". The client is "sub7.exe". And the server editor is "editserver.exe". The programs require and make use of "ICQMAPI.DLL" for comms. Communication between client and server is over ICQ, IRC, and email. It uses TCP ports 1243, 6711 through 6713, 6776, and 27374. Different operations go over different ports.
The official website is supposed to be www.subseven.org. Strangely enough, the site was no longer there. In fact, GoDaddy offered to sell me the domain for $69.99. Not sure if I believe GoDaddy. The server program was initially distributed by tricking users into thinking they were getting warez or some sexually explicit material. Thus the Trojan categorization.
Hype surrounding SubSeven compared it to Back Orifice. Rumors say SubSeven installs outnumber Back Orifice 100 to 1. Take that with a grain of salt. Trash talkers report that SubSeven makes Back Orifice look tame. Hah. There is a gold version of the program that lets you use different skins for the UI. On the other side of the coin, some say that SubSeven is a toy used by wanna be hackers. Who are you going to believe?