Totalbill listens on port 9998/tcp (sometimes) and allows full control over the software. An exploit script for this has been published.