Review: Back Orifice 2000.
Among my stealth-like sessions of ninjitsu, working in world-spanning projects of creative genius, and giving it to The Man whenever necessary, I work as a network administrator in a facility with some 200 computers. The tasks at hand range from the ridiculous shmancy-pansy network card installations to the deployment of entire laboratory sub-systems. On a campus consisting of multiple sub-nets, a half-dozen local sites, and a raunchy T1 connection to the Net, I’m on my feet as much as I am in my office.
Given this type of atmosphere, I’m always finding a way to make my job easier, be that by writing custom programs, setting up hidden networks, or diddling with network administration tools. Interestingly enough, when reading an online newsletter of potential security breaches a year earlier, I came across Back Orifice, a program written by the Cult of the Dead Cow and heralded as the impending doom of Microsoft junkies the world over. I found the news quite amusing, as I had been following the cDc’s progress silently over the previous couple years. Needless to say, one thing led to another, and I had incorporated Back Orifice into my box of tools.
Well, as you might imagine, when I first heard about Back Orifice 2000, I was hopefully giddy, itching to get my claws on a copy. Finally, when DefCon weekend was over and Bo2k hit downtown cyberia, I jumped onto the lagged down BO2k site and downloaded all the fun files I could see. This time around, the boys at the cDc not only required me to send in address information due to US export regulations (BO2k uses crazay encryption), but they were also kind enough to throw an installation feature into the mix. Once I had the sucker installed, I couldn’t help but sigh in relief when I saw the commercial-looking GUI. Oh, baby.
For those of you who managed to escape the hype of BO last year, and who missed the few threads that again popped up this year, I’ll try shedding some light on this breakthrough proggy. BO2k is a network administration tool, dubbed by the media as the ultimate hacker’s tool. It consists of a server, a client, and a server configuration tool. You use this last program to set up the server, then take the respective .exe and run it on someone’s computer. WHAM! Instant server installation, with no dialog boxes, graphics, or waiting time whatsoever. Just plain, clean fun. Then, with the client on your computer, you can connect to any server you’ve set up on someone’s machine, and make full use of BO’s features, which basically gives you full control of the individual’s computer.
Most people are undoubtedly wondering what kind of power Back Orifice really gives the user. Well, if you’re unfamiliar with the original release of Back Orifice, you may be surprised to learn that BO lets you do everything from logging keystrokes on the server machine, to receiving a list of cached passwords. I can not only lock up or reboot a machine running the server, but I can set up a web server from it, allowing me to connect to the machine and steal its files. And that’s only the beginning.
Old users of Back Orifice will be happy to know that the somewhat annoying GUI of old has been changed. There’s no longer a text-based client, and the professional look of the new GUI leaves me with little concern for the old command-based beauty. Not only can I see a list of all the computers I’ve installed the BO server on, but I can now be connected to as many of them at a time as I want. With a nice, menu-driven interface with drop-down commands, I have immediate access to the various features that BO sports. With ease, I can activate plugins, recall recently-used commands, and maintain workspaces with groups of servers.
How well does it work, though? Sure, Back Orifice has had major hype, and sure, it did what it promised at DefCon, but how well does it perform for the average user? With some reservations, I have to say, “quite well.”
First off, there’s no included text file explaining what all the commands do. While they’re freely available at the BO2k web site, it would have been simple to add a list of commands, their meanings, and their arguments to a text file and throw it into the distribution. Even nicer would have been information in the client app, either as a help file, or as pop-up descriptions on the GUI itself. Given the amount of wasted space on the GUI window, this would have been a nice feature to add, and one that wouldn’t have been difficult to implement at all.
Configuring a server with the included server config tool is a snap, and with almost no gripes, one can get a server running on anyone’s machine. There are exceptions, possibly due to different Windows versions, but my initial attempts at setting up servers came at a fifty-percent success rate. Fortunately, once a server is up and running, it stays up and running, even after the system is rebooted. During my testing of BO2k, I was able to successfully run the server on Win95, Win98, and Win NT machines. Almost every command I issued worked, with the notable exception being “reboot machine,” which only worked half the time.
Simple commands like popping up dialog boxes, viewing passwords, and looking at user files were a snap. In fact, rather than me listing off every gosh-darn feature, I’ll give you a quick run-through of a typical BO session.
Having already configured the client for use in my office at work, all I have to do is open the application, go up to File, and open my last BO desktop session. A second later, I have a list of all the computers I’ve installed the BO2k server on. Assuming I had a call from John Doe about a misconfigured batch file due to drive remappings after switching to a new network system, I can fix the problem without running to the computer in question. Instead, I double click on the computer the program is installed on, press the connect button when the respective properties dialog comes up, and I can then make use of all of BO’s features.
Though I’ve forgotten where the file I’m looking for is stored, I know its name. So, I click on the “File/Directory” group on the BO client window, go down to “Find File,” and then type in the root path of the file and the filename I’m looking for. I hit “Send Command,” and the file’s location is spit out. Once I modify the file, I’ll need to copy it to other machines in the same lab, so to simplify things, I set up a small web server on the computer. I go to the “TCP/IP” group, click on “Map Port -> HTTP Fileserver,” and type in the port number I want to connect to, and the root path to where the file is located. I now open up my web browser, point it to the machine in question, and receive a list of all the files at the root path I specified. I save the file I want, make the changes on my end, save the file, and upload it through the convenient upload form on the machine’s web site.
Since John will need to use the modified batch file ASAP, I may as well have it running. However, I don’t want to start the program right away, as he may be using his computer for something else. To check this, I access BO PEEP, an included plugin for BO2k. All I have to do is go to the BO PEEP group, start a vidstream by typing in my network settings and desired resolution, and then click the “Send Command” button. I then go up to the Plugins menu, select “BO PEEP,” and run the VidStream Client. I hit the “Connect” button, type in the network settings I configured the BO PEEP server with, and voila! A second later, I have a window to John’s computer. I shake my head when I see what he’s doing: looking at porn again.
No problem. I could easily shut down his browser, but he could just restart it again. So, I click on the “GUI” menu, select “System Message Box,” and send him a nice reminder that he should be doing work. I check the VidStream window and see the message box pop up. Had he a webcam set up, I could enjoy seeing his reaction to my message, but I can leave that to my imagination. To get on with things, I click on “Process Control,” “Start Process,” and fill in the path to the batch file. After sending the command, I check the VidStream window, and sure enough, the program loads without a problem.
Of course, the above example only skims the surface of BO2k’s power. I needn’t even go into how much fun BO2k can be at a LANParty, especially when half the attendees are too stupid to set up shares properly. And, what better way to get that kickass savegame off yer buddy? Granted, BO2k suffers from some problems, especially if the host’s client resources are low. Every once in a while, certain programs will mess with BO2k as well, and if you’re deploying the program in an environment with frequently-updated anti-virus software, you may have to configure it not to auto-disable BO2k servers.
Even with its shortcomings, BO2k is the best network admin tool out there, and not only is it easy to get your hands on, but it’s free. And, adding to the glory which is BO2k, it’s open source, so creating updates, variants, and plugins is a snap for any do-good programmer. The downside to this, of course, is the thousands of lamers who use this program to show off their 3733t h4xor sk337s. Understanding how BO2k works, however, will help you protect your network from BO2k as well. Either way, if you want an edge in network administrating, or simply want to keep tabs on your employees (which is kinda sick, really), BO2k might just be for you.