Skip to content
Go to file

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time

What is Backdoor Controller

Backdoor Controller is a sethc.exe replacement that attempts to mask the presence of the well-known backdoor. If you replace sethc.exe with cmd.exe (the normal way of installing the backdoor) you can easily tell the system has been comprimised by pressing the SHIFT key 5 times.

What does Backdoor Controller do

By replacing sethc.exe with backdoor-controller.exe you'll get numerous advantages, for example:

  • If you press the SHIFT key 5 times when a user is logged in, the normal sticky keys window will popup (instead of a command prompt window)
  • When you press the SHIFT key 5 on the Windows login screen, you'll see a non-suspicious looking window popup
    • If you select No the window will disappear and nothing will happen
    • If you select Yes another window will popup asking you to enter the "threshold", in this window you are able to type codes
      • cmd - opens a command prompt window ~ a native CMD.exe process (so you don't face the errors that the old one faces)
      • admin - toggles the creation / deletion of a administrator user account
      • uninstall - uninstalls the backdoor replacing the modified sethc.exe with the original
      • help - shows all the available options for Backdoor Controller


In order to get the native Windows popup dialogs & convert the batch file to an executable, I used Bat To Exe Converter by Fatih Kodak. It's an awesome project, with loads of examples & excellent documentation.




Masking the Sethc.exe backdoor with an anti-detection system.



No releases published


No packages published
You can’t perform that action at this time.