Archive Helmet Icon Archive A Reconstructed © MegaSecurity Database

I Feel Lucky I Feel Very Lucky

SubRoot 1.1

Released 23 years, 1 month ago. March 2003

Copyright © MegaSecurity

By cloak

Informations
Author cloak
Family SubRoot
Category Remote Access Telnet
Version SubRoot 1.1
Released Date Mar 2003, 23 years, 1 month ago.
Language Delphi
Additional Information
Server:
c:\WINDOWS\ati2cci.exe 

size: 94.208 bytes 

port: 1420 TCP

startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices "Ati2cci"

Author Information / Description
subroot v1.1
by: cloak

note: - use telnet to connect to server
      - connect on port: 1420
      - preffered buffer size = 25
      - using logging on your telnet client is advised
      - login: root
        passw: seawolf

commands:

dir <dir\>                  - gives a specified directory listing
kill <filepath> or <dir\>   - kills a specified file or 'empty' directory
run <filepath>              - runs a specified file
read <filepath>             - reads a specified file
listfree <drive\>           - lists a specified drive's free space
shell <address>             - shells a specified URL address on server
opencd                      - opens cdrom
closecd                     - closes cdrom
swapmouse                   - swaps mouse buttons around
swapmouseback               - swaps mouse buttons back
beep                        - makes pc speaker beep
beepoff                     - stops pc speaker beeping
hidestartbutton             - hides start button
showstartbutton             - shows start button
hidetaskbar                 - hides taskbar
showtaskbar                 - shows taskbar
startcolour                 - cycles through windows colours
stopcolour                  - stops cycling colours
disablecad                  - disables ctrl-alt-delte
enablecad                   - enables ctrl-alt-delete
info                        - displays information about server
sendmsg                     - sends popup message
bluescreen                  - sends blue screen
dboot                       - don't use this unless you have to
reboot                      - reboots server
userlogout                  - logs the server user out
shutdown                    - shuts down server
close                       - closes server
disconnect                  - disconnects from server
cls                         - clears buffer


cloak
cloak @ phreaker.net

This archive is an almost-complete reconstruction of the legendary Mega Security (also known as Kobayashi), a premier 90s-era "Trojan Database" where malware authors once showcased their work. After a decade offline, the site was brought back in August 2024 by its original creator, MasterRat, who authorized the Malware Gallery to host this modernized, searchable version of the collection. While the original site remains available for those seeking a nostalgic, old-school experience, we are proud to continue its legacy here. Full credit and thanks go to MasterRat and the retired Mega Security staff for their years of dedicated work in cataloging these historical samples.