RedShell is a light (15k) backdoor that is
capable of spawning a shell on a remote computer,
allowing a user the ability to connect (via
Telnet, NC. etc) up to the remote computer, [port
1337], and execute any commands they wish.
Installation: Put WINSYS32.EXE into the
Windows/System32 folder of your victims computer
and execute. Uninstallation: Kill the WINSYS32.EXE
process, Delete WINSYS32.EXE from the
Windows/System32 folder and to remove the service,
start Regedit and delete:
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesWINSYS32
Alias:
Backdoor Program [Panda]
Backdoor.Small.n
Backdoor/Cigivip.10 [Computer Associates]
