Archive A Reconstructed © MegaSecurity Database

• a
• b
• c
• d
• e
• f
• g
• h
• i
• j
• k
• l
• m
• n
• o
• p
• q
• r
• s
• t
• u
• v
• w
• x
• y
• z
• other

Server:
size 6 KB

port: 5277 TCP

Startup:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

Invisible telnet server.
Usage:  WinShell [?] [port[@]]

  ?     - this help
  port  - default is 5277
  @     - debug mode

From the above, you could know that if you just want to set WinShell to watch port 23, run: 

C:\>winshell 23 

Of course, if you run "winshell" directly, the winshell will listening default port 5277. 

[Login WinShell]
----------------
use any telnet client program, open host and port as following:

>TELNET host port

If successful, you will see the following message in the telnet box : 

WinShell v2.0 by
[email protected]
- '!' to end, 'Enter' to shell...


now, press '!' key you could terminate the winshell remotely. otherwise, press 'enter' or other key, 
you will enter the remote system command shell. Example in the windows 2000 system: 

Microsoft Windows 2000 [Version 5.00.2195]
(C) Copyright 1985-2000 Microsoft Corp.

C:\WinShell>

now, you could execute console command freely! :)

Janker

This archive is an almost-complete reconstruction of the legendary Mega Security (also known as Kobayashi), a premier 90s-era "Trojan Database" where malware authors once showcased their work. After a decade offline, the site was brought back in August 2024 by its original creator, MasterRat, who authorized the Malware Gallery to host this modernized, searchable version of the collection. While the original site remains available for those seeking a nostalgic, old-school experience, we are proud to continue its legacy here. Full credit and thanks go to MasterRat and the retired Mega Security staff for their years of dedicated work in cataloging these historical samples.