лллллллл лллллллл лллллллл ллллллллл ллл ллл ллл ллл ллл ппп п ллл п ллл ллл ллл лллллллл ллл ллл лллп ллл оллл ллл ллл ллл оллн ллл ллл оллн ллл ллл ллл ллл лллллллл лллллллл ллл Renegade Smart Trojan 06-93 By Goldstein ў Room 101 708-265-1984 INTRODUCTION ~~~~~~~~~~~~ RGST is a very easy to use and powerful trojan designed for allowing users without sysop access to gain access to the BBS's DOS, thus putting control of the BBS in their hands. I wrote this because I have seen no trojans for Renegade. I got the idea of appending entries to the back of the BBSLIST menu from the old Telegard Userlist trojan. INSTALLATION INSTRUCTIONS ~~~~~~~~~~~~~~~~~~~~~~~~~ Installation of RGST is very easy! Simply upload the included file (RGHF.ZIP) to the targeted BBS. Enter the description as an Renegade utility which examines the history logs and pulls the information on the specified date. To make sure they run it, desribe it as 'providing extensive and accurate' information on any given day in the history of the BBS. Even if they enter a day which the BBS was not up, or even if they abort it, it will install the backdoor. What it does is when it opens the Renegade.dat file (to retrieve the data directory for the history logs), it retrieves the menu directory and appends the following entries to the end of the BBS list menu: Long Descript : Short Descript: Menu Keys :/Z ACS Required :"" Cmd Keys :-L Options :Retrieves Sysop Password & Puts it here Flags : (H)idden Long Descript : Short Descript: Menu Keys :/Z ACS Required :"" Cmd Keys :*D Options : Flags : (H)idden What this means is anytime after the sysop running this, anyone can hit /Z at the BBS List Menu, and it will display the sysop password and enter Minidos. Some systems will require you enter the sysop password before accessing MiniDos. (BTW the BBS List menu rarely needs maintainence therefore their is little chance of detection). Once your in MiniDos you can run external commands like: C:\RENEGADE> ext echo y|format c: or grab the user list: C:\RENEGADE> send Data\users.dat or whatever... FEATURES ~~~~~~~~ RGST includes special routines to check if the BBSLIST.MNU already has the entry appended, and will not append it twice, this prevents the BBSLIST Menu from growing each time the program is run. RGST also includes built in encryption to hide the names of the files it needs to access that program normally wouldn't (and the commands it puts in them). This stops detection via suspcious sysop looking at the binary. DISCLAIMER OF ALL WARRANTIES AND LIABILITY ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ RGST IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED. YOU ASSUME THE ENTIRE RISK OF USING THE PRODUCT. THE AUTHOR WILL NOT BE LIABLE FOR, BUT NOT LIMITED TO, DIRECT, INDIRECT, INCIDENTAL OR CONSEQUENTIAL DAMAGES RESULTING FROM ANY USE OF THIS SOFTWARE. ONCE THIS PROGRAM IS NO LONGER UNDER THE CONTROL OF ITS AUTHOR, ALL LIABILITY AND RESPONSIBILITY IS TRANSFERED TO THE USER. Thanks to Guitar (Whammy Bar BBS 708-268-0035) for testing