Saturday 18 June 2011

Killing programs or processes remotely

Lets say you try and upload a trojan to someone's machine and their anti virus picks it up. Check if you can get a account on the machine with Administrator rights. If you have an account like that, you can use PSKILL and kill the anti virus program or firewall. You can basically kill any program or process running on the machine, but it must be a Win2k or XP machine. If the person is running norton anti virus the file will be something like nav32.exe. Now with pskill the command will be :

pskill \\ -u administrator nav32.exe is the IP or pc name of the victim

-u administrator is the account you have admin rights to

Nav32.exe is the program file name or process you want to kill. You can use winlogon.exe even and it will most propably give a blue screen after you killed that process.

So now you killed the anti virus or firewall and now you are ready to upload a trojan or keylogger or anything you like...