.:[ packet storm ]:.
                               
plan for the worst
plan for the worst

 Section:  .. / UNIX / penetration / rootkits  /

The software in this directory is provided for the use of System Admins only, and is provided to keep them informed on the backdoors that are currently in circulation. We strongly discourage the use of these tools without proper permission.

Page 6 of 9
<< 1 2 3 4 5 6 7 8 9 >> Files 125 - 150 of 211
Currently sorted by: Last ModifiedSort By: File Name, File Size

 ///  File Name: adorebsd-0.34.tar.gz
Description:
 AdoreBSD 0.34 - Based off Linux Adore by Stealth. Features hiding files and directories from view, makes processes invisible, hides promiscuous flag and syslog messages, execute as root, hides sysctl mib entries, netstat service hiding, authentication, and module hiding. Developed on FreeBSD 4.3-STABLE.
Author:Bind
Homepage:http://team-teso.net
File Size:9387
Last Modified:May 25 18:24:56 2001
MD5 Checksum:f98864a4f927e04d6f66a010934a08a0

 ///  File Name: adore-0.38.tar.gz
Description:
 Adore is a linux LKM based rootkit for Linux v2.[24]. Features smart PROMISC flag hiding, persistent file and directory hiding (still hidden after reboot), process-hiding, netstat hiding, rootshell-backdoor, and an uninstall routine. Includes a userspace program to control everything.
Author:Stealth
Homepage:http://www.team-teso.net
Changes:Added 64bit FS support, now fools protection modules as StMichael, and minor fixes.
File Size:14316
Last Modified:May 25 18:17:46 2001
MD5 Checksum:72e80f9fa6ebe9358f7fd0358c8e959f

 ///  File Name: modhide1.c
Description:
 Modhide1.c demonstrates a new method of hiding kernel modules which does not trigger any normal detection techniques because it does not change lsmod or the system call table. Instead it hacks the kernel's memory to make it "forget" the module.
Author:J.B. LeSage
File Size:4296
Last Modified:May 23 19:59:32 2001
MD5 Checksum:38fc557e5f938e246db103109f457d4e

 ///  File Name: knark-2.4.3.tgz
Description:
 Knark v2.4.3 port is a usable kernel-based rootkit for Linux which is based on knark-0.59. Hides files in the filesystem, strings from /proc/net for netstat, processes, and program execution redirects. Also includes a kernel module to protect Linux 2.4 from knark.
Author:Cyberwinds
File Size:59931
Last Modified:May 21 18:23:10 2001
MD5 Checksum:ca1ebe26ab1138ebe431751f526df817

 ///  File Name: kbdis.c
Description:
 kbdis.c disables the keyboard on most x86 systems. Useful for locking out root in a pinch.
Author:Sorcerer
File Size:241
Last Modified:May 8 18:55:53 2001
MD5 Checksum:b993d33d0fe64d76d9829f0ed97d6ab1

 ///  File Name: Netstat.zip
Description:
 Netstat.zip is a fake windows netstat which can hide certain network connections. Requires renaming the original netstat.
Author:Digital Fire
File Size:15843
Last Modified:Apr 24 20:18:22 2001
MD5 Checksum:97d5d9a6abab7e7c5a2b97e38252db12

 ///  File Name: infiltrator.tar.gz
Description:
 Infiltrator is a unix trojan creation program.
Author:G0ne
Homepage:http://www.scrypt.net/~g0ne/
File Size:13420
Last Modified:Apr 23 22:07:40 2001
MD5 Checksum:5a067b61f231c1e35933ab518a6b0e90

 ///  File Name: Q-2.4.tar.gz
Description:
 Q v2.4 is a client / server backdoor which features remote shell access with strong encryption for root and normal users, and a encrypted on-demand tcp relay/bouncer that supports encrypted sessions with normal clients using the included tunneling daemon. Also has stealth features like activation via raw packets, syslog spoofing, and single on-demand sessions with variable ports.
Author:Mixter
Homepage:http://mixter.void.ru
Changes:Now uses strong RSA/libiSSL encryption for sessions; compatibility with libmix1.2; many bugfixes.
File Size:319968
Last Modified:Apr 15 13:38:37 2001
MD5 Checksum:45a5b2c2b2612f6d6703cd984cc1d8e1

 ///  File Name: maxty.tar.gz
Description:
 Maxty is a small kernel-space tty sniffer. It is a LKM which will attach to read/write syscalls and save incoming/outgoing requests to opened tty devices into separate log files. It provides a way keeping a track what is happening on virtual consoles similar to a keystroke recorder.
Author:Paul
File Size:4867
Last Modified:Apr 6 21:04:31 2001
MD5 Checksum:8ed7a10a7153e74d0f1495d65783dc4d

 ///  File Name: adore-0.34.tgz
Description:
 Adore is a linux LKM based rootkit for Linux v2.[24]. Features smart PROMISC flag hiding, persistent file and directory hiding (still hidden after reboot), process-hiding, netstat hiding, rootshell-backdoor, and an uninstall routine. Includes a userspace program to control everything.
Author:Stealth
Homepage:http://www.team-teso.net
Changes:Improved 2.4 support, better authentication checking, permanent PID removal, configure script, experimental exec redirection for i386.
File Size:13470
Last Modified:Mar 26 19:50:38 2001
MD5 Checksum:69b3453f1fb1650388fc63297652d221

 ///  File Name: apachebd.tgz
Description:
 Apache backdoor - Backdoors apache 1.3.17 / 1.3.19 to spawn a root shell when a certain page is requested.
Author:Venomous
File Size:3026
Last Modified:Mar 19 03:30:44 2001
MD5 Checksum:16607a98f128adb61a82b23f660bfc19

 ///  File Name: Synapsys-lkm.tar.gz
Description:
 Synapsis is a LKM rootkit for Linux which features file hiding, process hiding, user hiding, magic UID, and netstat hiding.
Author:Berserker
Homepage:http://www.neural-collapse.org
File Size:5298
Last Modified:Mar 16 17:27:35 2001
MD5 Checksum:aa9aeedd64b1d79407698c5703d358fc

 ///  File Name: Rkit-1.01.tgz
Description:
 RKit is a Linux LKM backdoor/rootkit which intercepts the SYS_setuid call and ups a specified UID to 0 when that user logs in thereby successfully (and covertly) backdooring the root account.
Author:TBob
File Size:1878
Last Modified:Mar 15 18:58:24 2001
MD5 Checksum:e6097ee042b27caf6263bec25f484838

 ///  File Name: cbd.c.txt
Description:
 CBD.c is a simple backdoor which allows machines behind firewalls to be controlled via outgoing connections.
Author:Grazer
Homepage:http://www.digit-labs.or
File Size:1160
Last Modified:Feb 20 21:07:05 2001
MD5 Checksum:85c194f62635a80b322a0566ac30942e

 ///  File Name: adore-0.31.tar.gz
Description:
 Adore is a linux LKM based rootkit. Features smart PROMISC flag hiding, persistent file and directory hiding (still hidden after reboot), process-hiding, netstat hiding, rootshell-backdoor, and an uninstall routine. Includes a userspace program to control everything.
Author:Stealth
Homepage:http://www.team-teso.net
Changes:Automatic configuration, bug fixes.
File Size:9738
Last Modified:Jan 9 13:54:45 2001
MD5 Checksum:4bdf75cfb7735741285ae82f5b5d4df6

 ///  File Name: thclinbd.tar.gz
Description:
 THC Backdoor for Linux - This is a simple but useful backdoor for Linux based on a FreeBSD lkm by pragmatic/THC.
Author:bELFaghor
Homepage:http://www.s0ftpj.org
File Size:997
Last Modified:Jan 4 19:39:14 2001
MD5 Checksum:7855b79979217cd5813788e01a0e1b83

 ///  File Name: thcobsdbd.tar.gz
Description:
 THC Backdoor ported to OpenBSD - This is a simple but useful backdoor for OpenBSD based on a FreeBSD lkm by pragmatic/THC.
Author:Pigpen
Homepage:http://www.s0ftpj.org
File Size:1582
Last Modified:Jan 4 19:37:46 2001
MD5 Checksum:11ada1cc8831dc0a793e5b9c3a2c9b78

 ///  File Name: aasniff.tar.gz
Description:
 Anti Anti Sniffer Patch - Linux kernel patches to hide a sniffer from the most known anti-sniffers.
Author:Vecna
Homepage:http://www.s0ftpj.org
File Size:2649
Last Modified:Jan 4 17:55:58 2001
MD5 Checksum:864e1c903014d25f0b1e5c91a79785b2

 ///  File Name: eshell.c
Description:
 Eshell.c is a encrypted bindshell type backdoor which has a server daemon and client with AES encryption via libmix.
Author:Luki Rustianto
Homepage:http://www.karet.org
File Size:5667
Last Modified:Jan 4 17:40:11 2001
MD5 Checksum:75b97d78a51fdf7a51d4eb6fbd64fd9e

 ///  File Name: ark-1.0.1.tar.gz
Description:
 ARK version 1.0.1 - Ambient's Rootkit for Linux. Binaries only. This package includes backdoored versions of syslogd, login, sshd, ls, du, ps, pstree, killall, and netstat.
Author:Ambient
Changes:sshd backdoor is fixed, and top backdoor is now included. Warning: ARK sends email to a free email account on each system it is installed on - It is backdoored.
File Size:526758
Last Modified:Dec 30 20:34:19 2000
MD5 Checksum:be9b7c48c5102c32c72b410db8862d05

 ///  File Name: asmd.tgz
Description:
 ASMD is a local root backdoor which is a wrapper which can wrap any setuid binary.
Author:Ripper
File Size:2132
Last Modified:Dec 16 22:20:36 2000
MD5 Checksum:cf80ea5f62e7ba91e765a5b5054b23f7

 ///  File Name: lbk.tar.gz
Description:
 LBK is a local kernel based (kld) backdoor for FreeBSD 4.0 which provides a root shell if the TERM environment variable is set with the password.
Author:Cyrax
Homepage:http://www.pkcrew.org
File Size:1190
Last Modified:Dec 11 19:02:06 2000
MD5 Checksum:9c0ce7942d25d16b8b7571dc588039f0

 ///  File Name: ark-1.0.tar.gz
Description:
 ARK version 1.0 - Ambient's Rootkit for Linux. Binaries only. This package includes backdoored versions of syslogd, login, sshd, ls, du, ps, pstree, killall, and netstat. Warning: ARK sends email to a free email account on each system it is installed on - It is backdoored.
File Size:497089
Last Modified:Dec 8 04:21:14 2000
MD5 Checksum:e5ccf93c811a9f73166051c1651001e9

 ///  File Name: rkit.tar.gz
Description:
 Rkit is a backdoor based on blackhole.c which listens on a TCP port and requires a password.
Author:Deathrow
Homepage:http://deathr0w.speckz.com/index.html
File Size:2721
Last Modified:Dec 3 11:20:52 2000
MD5 Checksum:8cd3dd5deb68b4331d9ef2daaaf04400

 ///  File Name: ddb-sfe.tar.gz
Description:
 An backdoor that lets you to reach root/user account shells over tcp channel using a procedure of callback initialized by a ICMP packet.
Author:The Recidjvo
Homepage:http://www.pkcrew.org
File Size:3447
Last Modified:Dec 2 21:25:51 2000
MD5 Checksum:8e1eeb8715c5e2283f2db800d0ef06f7
 

 ///  Last 10 Files
  1. :· MDVSA-2008-235.txt
  2. :· cambridge-sql.txt
  3. :· verlihub-exec.txt
  4. :· DDIVRT-2008-15.txt
  5. :· openssh-cbc-adv.txt
  6. :· joomlathyme-sql.txt
  7. :· BitDefenderDOS.zip
  8. :· fwknop-1.9.9.tar.gz
  9. :· kvirc-exec.txt
  10. :· vcalendar-disclose.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Advisories
  1. :· MDVSA-2008-235.txt
  2. :· DDIVRT-2008-15.txt
  3. :· openssh-cbc-adv.txt
  4. :· ZDI-08-076.txt
  5. :· ZDI-08-075.txt
  6. :· MDVSA-2008-233.txt
  7. :· SSRT080059.txt
  8. :· MDVSA-2008-220-1.txt
  9. :· MDVSA-2008-232.txt
  10. :· USN-674-1.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Exploits
  1. :· cambridge-sql.txt
  2. :· verlihub-exec.txt
  3. :· joomlathyme-sql.txt
  4. :· BitDefenderDOS.zip
  5. :· kvirc-exec.txt
  6. :· vcalendar-disclose.txt
  7. :· toursmanager-blindsql.txt
  8. :· phprsgal-sql.txt
  9. :· natterchat-sql.txt
  10. :· php526-bypass.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Tools
  1. :· fwknop-1.9.9.tar.gz
  2. :· pysumpas-0.2.0.tar.gz
  3. :· framework-3.2.tar.gz
  4. :· tor.uclibc.i686.20081115.iso
  5. :· RFIDIOt-Windows-0.1u.zip
  6. :· RFIDIOt-0.1u.tgz
  7. :· dps-v1.5.tar.gz
  8. :· smbrelay3.zip
  9. :· mptrey.tar.gz
  10. :· dotnetsploitsrc-1.0.zip
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Misc
  1. :· java2-malware.pdf
  2. :· return-to-libc-linux.txt
  3. :· stack-overflow-linux.txt
  4. :· smallest_setuid_execve_sc.c
  5. :· sudoers-shellcode.txt
  6. :· strongswan-4.2.9.tar.gz
  7. :· hodetector-shellcode.txt
  8. :· rtm-essential5.pdf
  9. :· unixasm-1.3.0.tar.gz
  10. :· bnd-networks.pdf
[ Last 20 | Last 50 | Last 100 ]


 .:. TopPrivacy Statement | Copyright Notice