StealthVNC is a slightly modified version of the popular VNC tool. It is far from a bona-fide rootkit, and it really does need some work, but it is a handy tool for pentesters. But beware: I used an older version of the source, and at least one of the mods introduces some vulnerabilities, so use it with caution.
Here are the essential changes made:
- Installation was made easier - you don't need to push registry settings anymore. It used to be that to remotely install VNC you had to use a tool like regini to push some registry settings. In this build, there are several hard-coded values in the EXE that allow it to function without any registry settings. For instance, there is a hard-coded password. (told you it introduces all new vulnerabilities...)
- Remember that pesky icon in the notification tray? The one that would alert someone that you'd installed VNC on their box? It's gone.
- You know those annoying firewall admins that block just about every port inbound and outbound? Put a file called "callhome" in the same directory as the EXE with an IP address in it and this build will attempt to connect OUT to that address via TCP port 443 whenever the service starts. There are some admins that block 443 outbound, but not too many. (They do after all need their Tuesday patches.)
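The "callhome" behaviour above leaves two artifacts a defender can hunt for: a file literally named `callhome` that contains nothing but an IP address, sitting beside an executable, and an outbound TCP 443 connection from a service process to a bare IP with no hostname involved. The script below is an added example written for this page, not code from StealthVNC or its author; the file paths, executable name (`vncsvc.exe`), documentation-range IP addresses and the connection-event field names (`image`, `dst`, `port`, `host`) are all constructed for the demonstration, and the events are only loosely modelled on a process-level network-connection log.

```python
"""Hunt for the 'callhome' reverse-connect pattern on the host and in network telemetry.

Two defender-side checks, then a correlation of the two:
  1. Filesystem: a file named 'callhome' whose whole content is one IPv4
     address, ideally sitting next to an .exe in the same directory.
  2. Telemetry: a non-browser process connecting out to TCP 443 with no
     hostname attached (a hard-coded IP, not a DNS lookup).
"""
import ipaddress
import ntpath  # Windows path handling that also works when run on POSIX
from collections import defaultdict

# Constructed sample "directory listing": path -> file text (None for binaries).
SAMPLE_FS = {
    r"C:\Windows\Temp\svc\vncsvc.exe": None,                 # constructed name
    r"C:\Windows\Temp\svc\callhome": "203.0.113.10\r\n",      # bare IP beside an exe
    r"C:\Program Files\Vendor\app.exe": None,
    r"C:\Program Files\Vendor\callhome": "not an address",    # same name, harmless content
    r"C:\Users\bob\callhome": "192.0.2.5",                    # IP but no exe beside it
}

# Constructed connection events (image, destination IP, port, resolved hostname).
SAMPLE_CONN_EVENTS = [
    {"image": r"C:\Program Files\Mozilla Firefox\firefox.exe",
     "dst": "198.51.100.7", "port": 443, "host": "www.example.com"},
    {"image": r"C:\Windows\Temp\svc\vncsvc.exe",
     "dst": "203.0.113.10", "port": 443, "host": ""},
    {"image": r"C:\Windows\System32\svchost.exe",
     "dst": "10.0.0.5", "port": 445, "host": ""},
]

# Processes for which outbound 443 is expected. Extend per environment (assumption).
BROWSER_LIKE = {"firefox.exe", "chrome.exe", "msedge.exe", "iexplore.exe"}


def parse_callhome(content):
    """Return the IPv4 address if the file holds exactly one, else None."""
    try:
        return str(ipaddress.IPv4Address(content.strip()))
    except ValueError:
        return None


def find_callhome_artifacts(fs):
    """Check 1: 'callhome' files holding a bare IP, noting whether an .exe sits beside them."""
    by_dir = defaultdict(dict)
    for path, content in fs.items():
        directory = ntpath.dirname(path).lower()
        by_dir[directory][ntpath.basename(path).lower()] = (path, content)

    hits = []
    for entries in by_dir.values():
        if "callhome" not in entries:
            continue
        path, content = entries["callhome"]
        target = parse_callhome(content or "")
        if target is None:
            continue  # file exists but does not look like a call-home config
        exe_beside = any(name.endswith(".exe") for name in entries)
        hits.append({"path": path, "target": target, "exe_beside": exe_beside})
    return sorted(hits, key=lambda h: h["path"])


def suspicious_443_connections(events, allowlist=BROWSER_LIKE):
    """Check 2: TCP 443 from a non-allowlisted image to a bare IP (no hostname)."""
    flagged = []
    for event in events:
        if event["port"] != 443:
            continue
        if ntpath.basename(event["image"]).lower() in allowlist:
            continue
        if event.get("host"):
            continue  # a resolved name is less consistent with a hard-coded IP
        flagged.append(event)
    return flagged


def correlate(fs_hits, conn_hits):
    """Highest confidence: a flagged connection whose destination is a callhome target."""
    targets = {h["target"] for h in fs_hits}
    return [e for e in conn_hits if e["dst"] in targets]


if __name__ == "__main__":
    fs_hits = find_callhome_artifacts(SAMPLE_FS)
    conn_hits = suspicious_443_connections(SAMPLE_CONN_EVENTS)
    for hit in fs_hits:
        print("callhome file:", hit)
    for event in conn_hits:
        print("suspicious 443:", event["image"], "->", event["dst"])
    for event in correlate(fs_hits, conn_hits):
        print("CORRELATED:", event["image"], "calls", event["dst"])
```

On the constructed data the filesystem check returns two candidates (only one with an executable beside it), the telemetry check flags the single bare-IP 443 connection from the service, and the correlation ties the two together. In a real deployment the listing would come from a host survey and the events from your endpoint or flow logs; the allowlist is the part that needs tuning, because update agents and other legitimate services also speak 443.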
If you really want to make use of this program outside a lab environment, at the very least you need to alter the hard-coded password. Second, there is at least one buffer overflow hiding in there; can you find it?
This is of course an educational tool, not intended for use on production systems.