
Back Orifice Buttplugs FAQ





Back Orifice Buttplugs and Goodies FAQ (Frequently Asked Questions)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    It seems the software I have written for Back Orifice has achieved quite a lot of popularity.  Initially, I started writing personal responses to each person that had a question or comment about the plugins/goodies.  Unfortunately, the time has come for me to use an automated system--the amount of mail I get each day about this software has gotten to be unmanageable.
    If you wrote with a comment, thank you.  I personally read each and every piece of mail I get (even though I cannot personally reply to all of it).  If you wrote with a question, the answer will be in the following FAQ (I compiled the list of questions and answers from the messages I have received in the past week or two).
    Thanks for showing an interest!
-E

Brian Enigma ----------------------
http://www.netninja.com/enigma.html
"Painful pleasures turn to pleasing pain" -- Sir Edmund Spencer

BUTT TRUMPET
~~~~~~~~~~~
Q: ....any question....
>>>>>A: Before asking any questions, be sure to check if you have the latest version.  At the time of this writing, 1.1 is the latest version number.  Check http://www.netninja.com/bo.html for all updates and information!

Q: For some reason, BT is not sending out an email.  I used the address of a web-based email system and my email address--or I used the address of my Internet Service Provider (ISP).
>>>>>A1: Probably, the server you are using does not have a daemon listening for SMTP (email) traffic on port 25.  This is a pretty typical situation.  Just like web servers will usually have a "www.", mail servers will usually have a "mail." in front of them.  For instance, hotmail uses "mail.hotmail.com."  My ISP (let us call it "server.com") uses "mail.server.com."
>>>>>A2: Some mail servers will not "forward" mail unless the source or destination is on that server.  For instance, you would not be able to use "mail.hotmail.com" to get to "enigma@server.com."  Conversely, you would not be able to use "mail.server.com" to get to "enigma@hotmail.com."
>>>>>A3: BT might have already sent a message.  If you feel comfortable using RegEdit, check for the key "HK_Local_Machine\Software\NinjaSoft\BT\RunSuccess."  If it exists, then a message has already been sent (SOMEWHERE!).  You will have to delete it and reboot the machine for BT to send another message.

Q: How do I get BT to send a message every time the user logs in?
>>>>>A: See "A3" above.  There is presently no automated way of doing this.  In a future version, this will be an option.

Q: It still will not send a message
>>>>>A1: Maybe you are not waiting long enough.  BT waits about 5 minutes between retries, starting when you first turn on the computer (at which point most people do not have an internet connection).  Maybe your timing is off?
>>>>>A2: I would suggest checking your BOConfig install parameters.  Be sure to call BT.DLL:_start and be sure to use HOST,EMAIL as the parameter.  Also, attach BT.DLL to the installer and have it copied to the system directory with the same name.  Try connecting to the machine with BT installed.  Invoke it manually (using the Plugin Launch command).  The first argument is BT.DLL:_start and the second is your HOST,EMAIL argument.  See if an error message is returned.  The plugin will return a "null string" if everything went well.  If you get an error message involving a missing DLL, either (1) you have the wrong version, upgrade to 1.1 -or- (2) the victim has a problem with their TCP/IP DLL's (or does not have them installed).
>>>>>A3: I do not know...it worked for me.  It works for hundreds of other people.  Maybe you are just weird.  (Not that that is a BAD thing!)
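
Seen from the defender's side, the behaviour described in this section (a workstation talking straight to port 25 on an arbitrary mail host, retrying about every 5 minutes) is easy to spot in connection logs. The following is an added example, not part of the original FAQ or of the author's software; the log format, the addresses, the approved-relay list and the 60-second tolerance are all assumptions made for illustration.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample firewall log: timestamp, source, destination, port, action.
SAMPLE_LOG = """\
2024-01-10T08:00:05 10.0.0.23 192.0.2.25 25 DENY
2024-01-10T08:05:07 10.0.0.23 192.0.2.25 25 DENY
2024-01-10T08:10:06 10.0.0.23 192.0.2.25 25 ALLOW
2024-01-10T08:01:00 10.0.0.40 10.0.0.5 25 ALLOW
2024-01-10T08:02:00 10.0.0.41 198.51.100.7 80 ALLOW
2024-01-10T09:00:00 10.0.0.42 203.0.113.9 25 ALLOW
"""

APPROVED_RELAYS = {"10.0.0.5"}  # assumption: the site's own mail relay
RETRY_SECONDS = 300             # the FAQ: "about 5 minutes between retries"
TOLERANCE = 60                  # assumed slack around that interval


def parse(log):
    """Yield (time, src, dst, port) for each well-formed log line."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip malformed lines
        try:
            yield datetime.fromisoformat(parts[0]), parts[1], parts[2], int(parts[3])
        except ValueError:
            continue  # bad timestamp or port


def find_direct_smtp(log, approved=APPROVED_RELAYS):
    """Map (src, dst) -> attempt count and whether the gaps look like 5-minute retries."""
    seen = defaultdict(list)
    for ts, src, dst, port in parse(log):
        if port == 25 and dst not in approved:
            seen[(src, dst)].append(ts)
    findings = {}
    for key, stamps in seen.items():
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        periodic = bool(gaps) and all(abs(g - RETRY_SECONDS) <= TOLERANCE for g in gaps)
        findings[key] = {"attempts": len(stamps), "periodic": periodic}
    return findings


if __name__ == "__main__":
    for (src, dst), info in find_direct_smtp(SAMPLE_LOG).items():
        print(src, "->", dst, info)
```

A single direct connection is worth a look on its own; the periodic flag only raises the priority of hosts whose retry spacing matches the interval given above.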

SARANWRAP
~~~~~~~~
Q: After setting up SaranWrap and testing it, my computer hangs
>>>>>A: You probably used SaranWrap.EXE as the "real" program to run.  (Did you copy SaranWrap.EXE to DATA2.Z?  If so, you have a problem.).  Try this: Find NOTEPAD.EXE and copy it to DATA2.Z (in the same directory as DATA1.Z and your, possibly renamed, copy of SaranWrap.EXE).  Try testing again and it will work.  Next time, rename some other .EXE file to DATA2.Z.

Q: When run, SaranWrap says "Cannot locate DLL xxxxxxxx.EXE"
>>>>>A: Upgrade to the latest version.  1.0 had this problem on some machines.  1.1 has fixed it.

Q: Can I change the extension to something other than EXE?
>>>>>A: Technically, yes...but probably, nothing would happen.  The only way to run the program from a user interface (Explorer) is to let Explorer know that it is a program.  [As an aside: through API calls, you can run a file with ANY extension as a program, but through Explorer, an email program, etc. it must have the proper extension].  Technically, you can use SCR (for screen saver, you can still double-click on it, but it won't run as a proper screen saver) or COM (no icon, but it will still run) or possibly a few others.  DO NOT expect to be able to rename it to .WAV and have Media Player install it--that just will not work.

Q: After setting up SaranWrap and testing it on a Windows 95 system, someone goes to run the program on a Windows NT system.  They get a Back Orifice error about "password enumeration."  How do I make this stop?
>>>>>A: This has been fixed in Silk Rope, but not yet in Saran Wrap.  I would suggest using Silk Rope instead.

SILK ROPE
~~~~~~~~
Q: When I run SilkRope.EXE, I get an error message ("This file has been damaged or corrupted").
>>>>>A: Read the directions.  By itself, SilkRope.EXE does absolutely nothing (aside from spew out error messages).  You *MUST* use SilkRopeBind.EXE to attach your Back Orifice installer and another .EXE program to SilkRope.EXE.  Then you may rename SilkRope to whatever you wish and run it.

Q: After setting up Silk Rope and testing it, my computer hangs
>>>>>A: You probably used SilkRope.EXE as the "real" program to run.  (Did you type in SilkRope.EXE twice when running SilkRopeBind?  If so, you have a problem.).  Try this: Use SilkRope.EXE as the stub program, find NOTEPAD.EXE on your system and use that as the "real" program.  Try testing again and it will work.  Next time, use some other .EXE file in place of notepad.

Q: Can I change the extension to something other than EXE?
>>>>>A: Technically, yes...but probably, nothing would happen.  The only way to run the program from a user interface (Explorer) is to let Explorer know that it is a program.  [As an aside: through API calls, you can run a file with ANY extension as a program, but through Explorer, an email program, etc. it must have the proper extension].  Technically, you can use SCR (for screen saver, you can still double-click on it, but it won't run as a proper screen saver) or COM (no icon, but it will still run) or possibly a few others.  DO NOT expect to be able to rename it to .WAV and have Media Player install it--that just will not work.

Q: After setting up Silk Rope and testing it on a Windows 95 system, someone goes to run the program on a Windows NT system.  They get a Back Orifice error about "password enumeration."  How do I make this stop?
>>>>>A: Upgrade to the latest version.  This was fixed in 1.1.

Q: When attaching a BO installer with an embedded plugin to a file with Silk Rope, the embedded DLL plugin gets copied to the SYSTEM directory, but the actual BO program does not.  The user has to run the Silk Rope'ed program twice for everything to work properly.
>>>>>A: I was only recently made aware of this and am not sure how wide-spread the problem is (or even the cause).  I have never run across this problem, and am still researching it.  If you have any additional information, please let me know.  Also, if you have done this and have NOT had this problem, let me know--it will help me gather the number of working vs. nonworking situations and any special or funky circumstances that may be contributing.

SPEAKEASY
~~~~~~~~
Q: ....any question....
>>>>>A: As yet, I have no frequently asked questions (or answers).  Bear in mind that it is a beta release.  It works, it just does not work very well.

Q: It won't connect to server xxxxxxx.xxx.
>>>>>A: For some reason, certain servers do not like my connection.  For instance, some will allow you to open a telnet session and some will not.  Some require some form of the "identd" daemon running on your system, some do not.  You will have to experiment with your own system(s) to determine which servers work for you.

BACK ORIFICE
~~~~~~~~~~~
Q: ....any question....
>>>>>A: Try checking http://www.cultdeadcow.com or hang around in IRC.

END

