Client
Q.1 What is SubSeven?Q.2 Why does ANTI-VIRUS detect SubSeven as a virus?Q.3 What Does the client do in SubSeven?Q.4 How do I connect to other Computers?Q.5 How do I know the IP and Port and what are they?Q.6 How come I receive a notify but I can't connect?Q.7 After I connect to a system it doesn't respond why?Q.8 Some features don't seem to work why?Q.9 How can I bypass passworded servers?Q.10 Does the remote system have to have ICQ to make ICQ notify work?
EditServer
Q.1 Why do I need to edit the server?Q.2 What is the best startup method?Q.3 What is the best notify method?Q.4 What is port number and what should I put?Q.5 Why would I need a password on my server?Q.6 What is the server name or should I choose random?Q.7 why would I need melt/bind/fake error msg?Q.8 SIN.exe and how I use it if I have a dynamic IP?
Server
Q.1 How can I make people run my server?Q.2 How can I make the server undetected?Q.3 How do I find SubSeven servers?Q.4 Sending SubSeven to my friend takes time on my Dialup?
A.1 SubSeven is a R.A.T ( Remote Administration Tool ) For Windows. Executing server.exe on Windows 9x/NTx system will allow
full remote access on that system. SubSeven has many features which made it one of the best programs around. SubSeven contains
a client, editserver, and server.
A.2 ANTI-VIRUS programs consider SubSeven as a virus because SubSeven is not a freeware/shareware. Also many users use it for
illegal activities like packeting, stealing credit cards, stealing programs, etc. But it can be user legitimately for instance
parents could use it to monitor their children activities and people can use it to control their PCs from home/work.
A.3 The SubSeven client allows you to connect to any windows system that ran server.exe before. The client contain tips on each
button, also it has various options to give you full access on the remote system.
A.4 First, to be able to connect to any remote system. Make sure the server.exe is executed successfully on that PC. Then make
sure you know the IP and port for that system.
A.5 To know the answer to this question, you need to know that every system connected to the internet has a unique IP address.
Simply it is like each home/office/building on this earth got a unique mailing address. The port number is basically the door
of that building. To know the IP and port, first you need to make sure that the server.exe is executed on that system. Also
you need to know the settings of that server.exe. Consequently, you need to edit the server.exe before you execute it on any
system. if you edited and saved your own settings on server.exe then you should get a notify ( ICQ , email , etc ) whenever
it executed that contains the remote IP and port. If it is your first time, edit your own server.exe and executed on your
own system then use the client to connect your system. (IP 127.0.0.1) (port as you specified when you edited). then test all
the features on your own PC. when you are done remove the server by using the client. DO NOT remove it manually unless you
know what you are doing.
A.6 There are many reasons that might cause this problem. First make sure you have the right IP and port >> copy and paste
them from the notify. Also make sure that the remote computer is alive >> use IP tools to ping the remote IP if it doesn't
respond then its dead or unreachable. then make sure that the remote system is NOT behind a firewall >> use a port scanner
to see if the server is listening on the port you provided when you edited it. if you do not have a port scanner then use
telnet. go to start > run > type telnet IP Port. where IP and port are what you got in notify. if telnet connects then
you need to close your client and reopen it again. Finally if the system you are trying to connect is in a network for instance
you get IP like 192.168.1.120 or 10.0.0.19 then you can't connect to that system unless the router/hub/switch/firewall/gateway
whatever in that network allows you.
A.7 Make sure that the system is alive >> ping it's IP. If it doesn't respond then it went offline. If it does respond
then make sure you are not flooding the server by send it many commands in a short period of time >> close your client
and wait for the server to shutdown that thread, then try and reconnect. And always wait for the current process to
finish, you have to be patient if the remote system is slow.
A.8 Many people update the programs installed on their system that might have changed some settings in their computer that disabled
SubSeven from working properly.
A.9 You can't bypass the password. Some old versions have a masterpassword. But new versions doesn't have that anymore.
A.10 The remote system does NOT have to have ICQ to make the ICQ notify work. Because SubSeven server connects directly to the
ICQ server and send you the notify.
A.1 The server would be worthless if you don't edit it. You have to have your own settings, so you could know who ran that server
also what port was the port installed on. When you edit and save your own server copy, you disallow any foreign access to
that server. I suggest you change the default settings like change your port from 27374 to something between (2048 - 65536).
Then make sure each server has its own name. Finally always set a password on it, so other people wont be able to access it.
A.2 The best startup method is selecting all of them. By selecting all startup method you are making the server more secure cause
some people know how to remove/disable the obvious startup method but they don't expect that you chose to have more than 1
startup method. Also make sure you know what Windows version the server is going to be executed on. Cause some startup methods
support Win9x only others support WinNTx only. Make sure you know what the remote system is running. If you do not know then
choose the safe startup methods that support all Windows versions.
A.3 The best notify method would be enabling all of them. Using ICQ, Email, IRC and SIN would give you more chances to know when
is the server online.
A.4 SubSeven port number is basically the door you are going to use to enter any system that ran your server before. To be able
to connect to your server you need to know the port and the IP. You should be getting these from your notifies. The best port
number will be any number between (2048 - 65536). I highly recommend changing the default port number 27374.
A.5 SubSeven makes it easy for you to protect your server. I highly recommend that you set a password on your server so no one
else we will be to access that server unless they know the password.
A.6 This feature allows you to make your server more random if you choose so. Random will be the best choice here unless you
want to specify a name for your own purpose.
A.7 Each one of them has it's own purpose. Melt option will delete the server after execution, in fact it will install itself
to windows/system folder then it will delete itself. Bind option allows you to join any EXE file to your server to make sure
that the person who runs that server won't feel strange about it. Same thing for fake error msg.
A.8 SIN.exe is Static IP Notifier. Instead of using other dependent notifies like ICQ, Email, IRC. SIN allows you to use your
own IP to make the remote system connects to your IP and notifies you when it's online. If you have a dynamic IP you might
be able to make SIN work. (This method isn't tested) you need a free DNS website like dyndns, dns2go, easyDNS, etc. They are
free and allow you to assign a host to your Dynamic IP each time you get on the internet. That way when you edit your server
SIN put the host instead of your IP.
A.1 Lying/Forging facts to people will make it easy for you to make them execute your server. You could say it is your nude picture,
you could say it's a nice game, you could say it is the best protection program ,etc. And to support you lie you need to use
/bind/melt/fake error msg. options. It is not really hard to make people run your server. On the other hard you can use some
exploits in IE, OE, IIS, etc. to execute SubSeven on that system. This subject is really huge to cover in a FAQ. you could
check our help section.
A.2 There are many ways to do this. The easiest would be unpacking the original server that came with SubSeven and repack it
with a different _unknown_ packer. Most Anti-Virus Programs are fooled by this method. Also you could Disassemble your, edit
the ASM file, recompile your own server. For more info about this issue check our help section.
A.3 To find SubSeven Servers you need to use any subnet port scanner on port 27374. Start from your own ISP. If you couldn't
find any of them. Then go to any IRC and whois any person in there then scan that subnet.
A.4 Some people find it hard to send SubSeven server through there Dialup connection to solve this problem. you might need to
upload your edited server to a website and ask your friends to download it. Or you could send them an Uploader/Downloader
( A small program when it's executed will download a file from a website ). Uploaders are fairly small the smallest one I
have ever seen is 1.5 KB. So instead of sending 50 KB or 370 KB server you will only send 1.5 KB uploader that will download
and execute your SubSeven server.