Copyright 1998 © Carl-Fredrik Neikter
All Rights Reserved
The program can be used as an remote administration tool, or more likely, just to have some fun with your friends on your local network, or even over the global internet (should not be used to systematic irritate people).
NetBus consists of a server and a client-part. The server-part is the program which must exists on the personís computer that you want to have fun with. The client-part is your little, nice program that "controls" the target computer!
1. Put the NetBus server, Patch.exe (which can be renamed), anywhere on the target computer and run it. By default it installs itself in the system, so it starts automatically every time Windows starts.
2. Put the NetBus client, NetBus.exe, on your computer.
3. Start NetBus and choose which hostname (or IP-number) you wish to connect to! If Patch is running on the target computer you will able to connect. Letís have fun!
Note that you donít see Patch when itís running - itís hiding itself automatically at start-up!
TCP/IP is the protocol that NetBus and Patch is using. That is, you address someone with host-names or IP-numbers. NetBus will connect you to someone with the Connect button.
There are some command-line parameters you can use with Patch:
Patch /noadd means that you donít want Patch to start every Windows-session, probably most used for testing purposes.
Patch /remove removes itself from memory and registry.
If you feel that you want a more sophisticated NetBus-server package that integrates Patch with another software/game you can just execute Patch from that software, and the NetBus server will be installed without any notice.
Note that Patch.exe can be (re-)named to whatever you want.
Of course the NetBus-server is always needed to be run before any client can connect to it. But how do you get it to run on the "victimís" computer if you donít have physical access to it or can "persuade" the user to run it himself?
Actually, it is possible, but to manage this you need to be a skilled programmer. Basically, you will need to find and exploit bugs in Microsoftís Internet-programs. You may have heard of that recently Microsoft wanted all their customers to download a patch for their e-mail clients.
Any unpatched program can give a good hacker the opportunity to execute arbitrary code in the system if the user opens/reads an e-mail that exploits the common "buffer overflow" bug. The filename of the attachment can be long enough to cause an overflow of the stack. This could then cause an jump to some code that lies in the "filename string" which can do anything, for example download programs from Internet and execute it!
The NetBus server doesnít log incoming connections any more.
SysEdit is renamed to Patch and installs itself automatically on the system, without need of the old /add parameter. Because of that, the parameter /noadd was added.
From now on, Patch removes any old instance of itself from memory if you start it twice or more.
Patch now contains KeyHook.dll as a resource, which is extracted at startup!
Patch doesnít show up in the task list (Win95/98).
Deletion of files (added on users request, should not be abused).
Uploaded files can now be placed in any directory.
Keys on the keyboard can be disabled.
Pressing F12 ("boss-key") will minimize NetBus quick and easy into the traybar.
Easier password-protection management.
Message dialog manager.
Show, kill and focus windows.
The first public NetBus-version was released in the middle of march -98. Back then, the user-interface was in swedish and I thought it could be nice to share this program with others. Wow, what reactions and comments it got!
Some months later it appeared natural to translate the program to english. Thanks to this, now NetBus seems to be used and loved (mostly J) everywhere! And since then many people have asked me to do newer versions of this software. This version includes the most requested features, like easier installation.
You contact me by sending an e-mail to email@example.com. Youíre encouraged telling me how fun you have had!
Open/close the CD-ROM once or in intervals (specified in seconds).
Show optional image. If no full path of the image is given it will look for it in the Patch-directory. The supported image-formats is BMP and JPG.
Swap mouse buttons - the right mouse button gets the left mouse buttonís functions and vice versa.
Start optional application.
Play optional sound-file. If no full path of the sound-file is given it will look for it in the Patch-directory. The supported sound-format is WAV.
Point the mouse to optional coordinates. You can even navigate the mouse on the target computer with your own!
Show a message dialog on the screen. The answer is always sent back to you!
Shutdown the system, logoff the user etc.
Go to an optional URL within the default web-browser.
Send keystrokes to the active application on the target computer! The text in the field "Message/text" will be inserted in the application that has focus. ("|" represents enter).
Listen for keystrokes and send them back to you!
Get a screendump! (should not be used over slow connections)
Return information about the target computer.
Upload any file from you to the target computer! With this feature it will be possible to remotely update Patch with a new version.
Increase and decrease the sound-volume.
Record sounds that the microphone catch. The sound is sent back to you!
Make click sounds every time a key is pressed!
Download and deletion of any file from the target. You choose which file you wish to download/delete in a nice view that represents the harddisks on the target!
Keys (letters) on the keyboard can be disabled.
Show, kill and focus windows on the system.
The functions above (there are some logical exceptions) can be delayed an optional number of seconds before they are executing.
The connect button has one very nice feature. It can scan IP-numbers for a NetBus computer. As soon as it connect to someone it will stop. The syntax for IP-scanning is xx.xx.xx.xx+xx, e.g. 127.0.0.1+15 will scan all IP-numbers in the range 127.0.0.1 to 127.0.0.16.
If you just want to have fun with your friendís computer yourself, and donít want someone else to connect to it you can password protect it. To accomplish this you start SysEdit with the parameter /pass:thepassword, or use the administration functions in NetBus.
Now everybody who hasnít the correct password will fail when trying to connect or sending commands to that computer.
You should perhaps test the functions in NetBus against yourself before you start fooling with your friends, so you know whatís happening (send text will, however, not work on yourself)! Your own machine can be addressed via "localhost".
Windows 95, Windows NT or later versions of Windows.