About SecureMac Advertise Security Consulting Mac Security Store Send Feedback

Site Information
Site Background
Who runs the site
Security Consulting
Feedback Form

SecureMac Software


Mac OS X Security
sudo buffer overflow exploit + fix
Disable Single User Boot Mode
Malevolence - Dumping Passwords
nidump security
Startup Security - Open Firmware Password Protection

Mac OS X Network Security
Secure FTP Wrapper
Ettercap - sniffer interceptor logger
Snort - Network Intrusion Detection System
SSH Admin
SSH Helper
xnu - enable MAC Address spoofing

Mac OS X Virus

Mac OS X Firewalls
Firewalk Firewall Utility
NetBarrier X

Mac OS X App Sec.

Mac OS X Encryption
GPGMail - PGP Functionality

Mac OS X DoS

SecureMac Library
Mac Cable Modem Security
Mac Security Auditing
Mac OS X Security Understanding
Mac OS X Security Second Lessons
Mac OS X Security Third Lesson
Mac OS X Single User Mode Root Access
Mac OS X Shareware Firewalls
Mac OS X Secure Installation
Cable & DSL Connections - Security Measures
Better Safe than Sorry Security Resources
Marketing Macintosh Security Programs

Sub7 Mac Edition Server


Security for the Macintosh computers has changed rapidly over the past few years, this is the first MacUsers have had to face such a large scale trojan as PC users have. Team2600 - A Macintosh programming group created the client to the server back in early 2001 offering Macintosh users a way to remotely control Sub7 infected computers.

Days after the announcement of the development of the Sub7 server for the Macintosh given at the hacker convention in Las Vegas, Nevada it was quickly marked as a trojan/virus. July 29th 2001 it is here - Sub7 Server for the Macintosh. Sub7Me Alpha Server is a prototype server for remote control of your mac using the Subseven Protocol. Call it a trojan a virus or a remote administration tool. The fact is that there's a Macintosh application capable of uncountable uses that was available for the Windows platform and is now out for the Macintosh.

What is Sub7?
Sub7 or Subseven is a program designed to remain hidden once installed allowing user(s) to remotely access the computer it is installed on with a client. Tasks may be performed remotely allowing the user to do such commands as reboot, shutdown, chat with user, log keystrokes, activate screensaver displaying texts, see hard drive files and execute commands on them. When the program was origionally released for the PC platform it was quickly labeled as a trojan along with NetBus and Back Orifice. Now some of those tools have regained their titles as remote administration tools rather than trojans and have been taken out of many anti-virus definitions.

Although the author (Agent OJ - Team2600) stated "Sub7Me is meant to be a remote administration tool for your Macintosh, not a hacking program." many think otherwise.

The Alpha version of the server isn't complete, but it gives a preview of many of the features that will be contained in the final version. Some of these include:

Subseven Sub Seven Macintosh

*PCInfo - Get info about the Macintosh running the server, including the Hard Drive name, Processor type and speed, OS version, etc. In the future this will also show how much space there is on the hard drive, as well as how many clients are connected to the server.

*HomeInfo - Get information about the main user of the computer running server, including e-mail address, real name, as well as the organization they are affiliated with.

*Chat - Chat with someone at the computer the server is running on...they can't chat back yet, nor can you chat with other clients connected to the system, but this is something they will fully enable in the next version.

*Basic computer functions - Shutdown and Restart the computer, show or hide the menubar and control strip, show and hide the mouse, make the speaker beep...all these features are included in the server.

Port Change - Open alternative ports to connect to.

In the works
    FTP access
    Drop a PPP Connection and reconnect
    Matrix - ...The Matrix has you!!
Sub7 for Macintosh
Above is the Sub7Me client connected to a computer running Sub7Me server

Although this isn't the first remote administration tool for the Macintosh that remains hidden from the user (see RAE) it is the first designed using a PC trojan protocol.

Update Your Virus Definitions
Although the July virus definitions for all the anti-virus companies do not contain a protection against the sub7 server for the Macintosh we are sure they will take the appropriate steps to keep your system secure in the future.

Takedown Server Suite, Remote Admin Extension and Sub7 Server are not in any of the anti-virus vendors definitions for the Macintosh. These are all serious trojans. Contact your anti-virus company and tell them to get on top of it. You are not downloading all the updates to be secure from PC Word Macro scripts.

Keeping your Mac Secure:
Do not install anything without knowing exactly what it is supposed to do. Using programs like DriveSpy to keep logs of installation activities can also help in recovery from the install. Sub7Me server is a extension that remains invisible in the system folder leaving no traces (preferences) of existance outside the extension itself. The extension name can be named anything by the person installing and the port it connects can be configured usising the tool it is packaged with.

Download Sub7Me Alpha Server

Sub7Me Server does not work on Mac OS X.

How is Sub7Me different from the PC version of Subseven?

Although Sub7Me utilizes the Subseven protocol so it is compatible with the PC client for Subseven, Sub7Me is supposed to be a remote administration tool for your Macintosh, not a hacking program. Sub7Me has far fewer features than the PC version of Subseven right now, but soon it will have a plethora of features not included in the PC version of Subseven.

The program is here for download because it has been argued that the Sub7 Server Suite is not a trojan and is a administrative tool. Parents, Teachers, and Bosses can find legitimate uses for this program, sometimes it is more appropriate to have hidden software to monitor computers rather than programs such as Timbuktu utilizing too much ram and letting the computer user know when someone is connected to the computer - which does remote administration but for a price. This program is free for use. Remember to set the password so users can not penetrate the system remotely if you install on your computer.


Enter Email Address:

Enter your message:

Select Either of These Two Buttons

Security + OS
PowerBook Security Control Panel
Empower Pro
Deus Lock Master
Keys Off
MacOS Algorithm
Modem Security
Password Key
Shift Key Suite
Stealth Signal
SuperLock Lite
SuperLock Pro

Macintosh Viruses
Sophos Anti-Virus
Norton AntiVirus
Nav 7 Nav 6 Nav X
Virex - Oct
VirusBarrier - Netupdate
vScan - Discontinued.

Mac Physical Security

Macintosh Firewalls
DoorStop Firewall
Firewall Q & A
Norton Personal Firewall

Mac Spyware & Privacy
NetShred - Delete Files Safely

Network Security
Oyabun Tools

Application Security Issues
AIM - AOL Instant Messenger
Back Orifice
Eudora E-Mail Client
Internet Configure
IE 5.1, OE 5.1, Powerpoint, Excel Vulnerability
MS Personal webServer
Outlook Express 4.5 Password Flaw
Sub7ME Server

Resource Info
AppleShare Server Info

Mac OS Encryption
My Secret
PGP Personal
PGP Freeware
Private File
Quick Encrypt
SubRosa Utilities

Deleting Files
Eraser Pro


Apple Hardware

Mac Attack

All material (c) 2014 and respected owners