Novice has resigned after 3 1/2 years of leading bo2k. Novice has done great improvments to bo2k:
Project Admin from 1 Dec 2003 to 21 March 2007
Developer: Bug fixes to rattler, ricq, interface,legacy and botools plugins as well as the main BO2K server.
Improvements to the botools, interface, regfile, system, and control plugins as well as improvments to the main server and client
Re-wrote the configuration tool.
Implemented the reverse connection protocol for BO2K
Author: srv_boscan, livekeylog, srv_rcgi, simplericq, bo_chat, bo_console and srv_rootkit plugins.
Doc Writer: Wrote the BO2K 1.1.x tutorial.
Fluffy and DiggerX are now Project Managers, now as always we are looking for active people who can help in development work for bo2k. Give us a visit at http://www.bo2k.com/forums.
A new release to support the new bopeep plugin. Package includes a new client, new botool and new bopeep. New bopeep has reverse capability as well as several new features.
All up to date sources for the latest bo2k ver 1.1.5 release are now posted on the bo2k download site.
Basically this is Version 1.1.4 with all (most of ?) the bugs fixed.
From the release notes:
---< 1.1.5 ( 18 Jan 07 ) >---
The first thing that must be stated is that backward compatibility has been compromised to an extent. For the most part you can still communicate between older servers and the new client or older clients and the new server etc. but behavior will be erratic when attempting some commands. It is highly recommended that you replace all older servers and their plugins with all the latest from this package.... read more
a. Stealth now works on all windows systems including Windows XP SP 1 & 2 (injection)
b. Process hop now works on NT/XP systems allowing you to hop from one app to another turning bo2k effectively into the "Ghost in the machine"
c. New option "Listen Socket" allows you to turn on or off bo2k's listening socket for traditional connections...this is useful for when the reverse plugin is installed and you don't want bo2k detected as a listening server.
d. New option "Browser Only" allows you to keep bo2k sitting inert in the background until the default browser starts at which time bo2k will inject itself into the browser and the reverse plugin will attempt outbound connections...effective against firewalls.
e. Delete server changed for injected servers.... read more
Another release to botool this time to include resumable uploads and downloads for both normal and reverse connections. Keeping in mind this kind of thing impacts the server as well as the client there are other plugins that have been changed in order to make this work correctly.
The changed plugins are
1. BoTool - Now version 126.96.36.199
2. srv_regfile.dll - Now version 1.3
3. srv_reverser.dll - Now version 1.2... read more
Latest and probably the last update on the config tool for a while identified as version 188.8.131.52, implements a tabbed interface which allows for greater viewing of the loaded plugins and setting of variables. Overall size of the app has been reduced and a manifest added which gives the app a Windows XP look. Pick it up here: http://bo2k.sf.net/Development/#configtool
Slight upgrade to the srv_control.dll plugin which allows for the melting (bo2k decompression) of plugins when using the "load plugin" command on remote systems. Pick it up here: http://bo2k.sf.net/Development/#srv_control
I have fixed the problems with the keylogger (src_interface.dll) so it should be fully functional now. Problems with target machines lagging have been fixed and the overall size of the plugin has been reduced by almost half.
Pick it up here: http://bo2k.sf.net/Development/
Report bugs/probs here: http://bo2k.sourceforge.net/forums/
I am continuing my updates on the config tool. The latest addition is a Config Dump button. The design is primarily for newbs that are experiencing probs getting a connection...it will allow them to print out the entire server configuration and then post it to the forum where it can be scanned for errors. However, it could also be used by experienced bo2knaughts that want to keep a track of their various servers and their individual settings without having to access copies of the servers themselves. Sources will be up on the CVS shortly.
Usual spot: http://bo2k.sf.net/Development/
Problems or bugs: http://bo2k.sourceforge.net/forums/
I have added a new config tool to the development page. The new tool has the controls rearranged and windows enlarged to give you a better idea of the status of your server. In addition I have added drag and drop for plugin insertion as well as a save warning on closure. Sources will be up shortly on the CVS. Pick it up here: http://bo2k.sf.net/Development/
OK........I put the forum back on sourceforge http://bo2k.sourceforge.net/forums/ ...here's hoping they have solved their problem with the sql tables. I will leave the other temp forum http://www.chumster.co.uk/forum/index.php?mforum=novice222 in case the sourceforge forum starts acting up
We'll reside here til I can find something better.
The main phpBB forums are down, in the mean time use this: https://sourceforge.net/forum/?group_id=4487
Identified as BoTool ver 1.5 this latest version of botool has upload and download on their own threads which means you can upload and download large numbers of files while continueing to browse, copy, delete, rename....etc.
Read more here: http://bo2k.sf.net/forums/
Download it here: http://bo2k.sf.net/Development/
I have released a new srv_rcgi.dll plugin for testing. This plugin has been totally rewritten and optimized bringing the size down from 72 kb to 17 kb for a debug logging version and to 10 kb for a non logging version. The plugin also now uses the registry to store changes as opposed to the ini file in the original. This version was compiled using M$VS .NET 2003. As usual any problems or bugs report on the forum: http://bo2k.sf.net/forums/
Latest version of rattler email notifier has been upgraded to support Authentication methods LOGIN and PLAIN. The CRAM-MD5 auth mechanism has been removed, this method of authentication is not in wide spread use anymore. Overall plugin size has been reduced by half, and minor tweaks have been made including increasing the field size for username and password to 64 characters. The release includes a comprehensive readme file which explains the operation and use of the plugin.
I got some input lately on how rattler was NOT working so I had a look at the code and did some RFC reading. It turns out that our rattler was a touch out of date and needed some modification to bring it into the 21st century. So I made some changes and I think I got the problem solved. The new rattler will authenticate using the most popular method and should work in 95 percent of cases. The plugin can be picked up here: http://bo2k.sf.net/Development/
As usual any problems or bugs let us know here:
I have released a new encryption plugin based on the blowfish algorithm. The plugin was originally written for bo2k version 1.0 by "talis" and I simply ported it to the bo2k version 1.1.x architecture. The plugin can be downloaded from here: http://bo2k.sf.net/software/bo2k11.html#Blowfish
We have also added a new member to the team. m0sQuit0 had joined the bo2k developers and has made significant progress on fixing the srv_system.dll problems in retrieving the correct password hashes.
I have plans to modify the rootkit plugin to increase the capabilities somewhat and work continues on the botool plugin to improve the registry control.
This will allow you to almost totally hide the bo2k server. It will hide both the bo2k process and file from windows, you just won't know its there. Its based on the FU rootkit written by fuzen_op (www.rootkit.com) and works by dropping a small driver into the windows directory which directly manipulates the windows kernel. (Thanks to 'chaos' for the driver help)
The plugin will also allow you to hide any other processes, files or directories that you wish either for that one remote session or permanently.
The plugin is available on the Development page: http://bo2k.sf.net/Development/
The tutorial has a section on Rootkit to explain the use. Any comments suggestions bugs etc should can be documented here or on the bo2k forum: http://bo2k.sourceforge.net/forum/
A new BoTool has been released which allows for Compression and De-compression (freeze and melt) of files on the client machine. In the past it was necessary to launch a server on the client machine to access the compression capabilities. The new botool makes the process point and click simple for one or multiple files.
The new plugin can be found here: http://bo2k.sf.net/Development/ under Client Plugins
Source code is up on the CVS pages for the new reverse plugin. I haven't had any negative feedback on this so far but as always if you have something to report, go to the forums here: http://bo2k.sf.net/forum/
I have been working on a new plugin and its looking good.....details to follow but it will be worth the wait.
The new reverse protocol suite has been released and is available for download here: http://bo2k.sf.net/Development/
The suite comes with three files. The server plugin srv_reverser.dll, a new client with reverse capabilities bo2kgui.exe and a new botool with reverse capabilities cli_botool.dll. Any bugs should be reported to http://bo2k.sf.net/forum/
Work on the bopeep plus plugin has slowed due to buda not having the time to work on it. The latest version I was able to test was working very well so it will be well worth the wait.
The new reverse protocol plugin is 95 percent complete and release should be in May.
I posted a slightly modified version of blackfires old CGI script to alleviate complaints about the CGI notification. The modified older script works quite well according to reports. You can find it here: http://www.bo2k.com/software/bo2k11.html#Rcgi follow the CGI_Script link.
Work will most likely slow down over the summer months but there are some other projects on the back burner that promise to light a new fire within bo2k.... read more
New updates have been added to the bo2k 1.1.3 tutorials which include botool setup and connection. Botool controls and transfer options modules will follow shortly. http://www.bo2k.com/docs/bo2k_1_1_3_tut/Tutorialdocs.html
I will be including a full module on reverse protocol in the near future, testing is going well and a release is anticipated in the next few weeks.