.:[ packet storm ]:.
                         
security is a global cause

 Section:  .. / UNIX / penetration / rootkits  /

The software in this directory is provided for the use of System Admins only, and is provided to keep them informed on the backdoors that are currently in circulation. We strongly discourage the use of these tools without proper permission.


 ///  File Name: pam_rootkit.tar.gz
Description:
This PAM backdoor allows access to a machine using a backdoor password; arbitrary commands can also be executed without logging in. It logs normal users' passwords to a log file. Configurable without recompilation.
Author:gml
File Size:32593
Last Modified:Jul 17 17:52:00 2004
MD5 Checksum:969c99b76280ca474c9f945b12c3becb

 ///  File Name: mix.c
Description:
Simple generic backdoor protected by a password stored as an MD5 hash. It is added to inittab.
Author:Serial Killah
File Size:5244
Last Modified:May 20 17:56:09 2004
MD5 Checksum:472a0b9ee3932c0c401d7f1c6c043625

 ///  File Name: tumbler.tar.gz
Description:
tumbler is a protocol that enables a client piece of software to securely tell a server process on a remote machine to execute a predetermined command. tumbler is similar to port knocking and is designed so that a remote user can securely and stealthily enable and disable server processes, or open and close firewall holes on a computer connected to the Internet.
Author:John Graham-Cumming
Homepage:http://tumbler.sourceforge.net/
File Size:10240
Last Modified:Apr 18 20:45:00 2004
MD5 Checksum:b76000ec994e66526b964d7c579646ba

 ///  File Name: toolkit.tgz
Description:
The R3dstorm Toolkit is a rootkit-like utility that hides processes and files; it was tested on Red Hat 9.0.
Author:r3dstorm
File Size:1870878
Last Modified:Jan 6 03:17:32 2004
MD5 Checksum:b8d3e1b38213fa172890f41e30411dab

 ///  File Name: SAdoor-20031217.tgz
Description:
SADoor is a non-listening remote administration tool for Unix systems. It sets up a listener in non-promiscuous mode for a specific sequence of packets arriving at the interface before allowing command mode. The commands are sent Blowfish encoded in the TCP payload, then decoded and passed on to system(3).
Author:CMN
Homepage:http://cmn.listprojects.darklab.org/
Changes:Added a new client side application to edit database files. First release of winserver, a version of SADoor for Microsoft Windows.
File Size:472315
Last Modified:Dec 18 17:31:08 2003
MD5 Checksum:dbf4d2850da1c3d1d1849075725a7487

 ///  File Name: mybindshell2.c
Description:
Bindshell which has a password and defaults to TCP port 1348. Includes the ability to allow only certain IPs.
Author:Konewka
Homepage:http://www.olek.org/code
File Size:2157
Last Modified:Dec 14 22:25:49 2003
MD5 Checksum:ced8adcc43ee20caf12d6b514bcc2b45

 ///  File Name: tunnelshell_2.3.tgz
Description:
Tunnelshell is a client/server program written in C for Linux users that tunnels a shell using various methods which can bypass firewalls, such as fragmented packets, TCP ACK packets, UDP, ICMP, and raw IP packets (ipsec).
Author:fryxar
Homepage:http://www.geocities.com/fryxar
File Size:7410
Last Modified:Nov 21 13:35:56 2003
MD5 Checksum:2cff53694f9cfe864f65d83f9901529b

 ///  File Name: superkit.tar.gz
Description:
Superkit is an extremely user-friendly rootkit that hides files, processes, and connections. It provides a password-protected remote access connect-back shell initiated by a spoofed packet. It is loaded via /dev/kmem, without requiring support for loadable modules, and cannot be detected by checking the syscall table, because it redirects the kernel entry point to a private copy of the syscall table. A couple of backdoors are included.
Author:mostarac
File Size:49939
Last Modified:Nov 13 21:24:05 2003
MD5 Checksum:9b98867b4b10b9461c06b82f42d2e9b0

 ///  File Name: pam_backdoor.tar.gz
Description:
Proof of concept PAM backdoor for Linux and FreeBSD that adds a magic password.
Author:gml
File Size:464988
Last Modified:Nov 5 00:26:13 2003
MD5 Checksum:52400e00f20a11515b0e1e1bf7ee367b

 ///  File Name: rTelv2.8.zip
Description:
Reverse telnet redirector / port redirector and front end console for Windows. Perfect for firewall bypassing from inside out. Can be used for bouncing connections, piping or relaying data, or as a quick MIM chat server. Windows executable form only.
Author:PrOpHeT
File Size:935488
Last Modified:Oct 29 23:03:42 2003
MD5 Checksum:31f4b59f08429f1e835b1989cd535d5c

 ///  File Name: rrc_v0.2.tar.gz
Description:
RRC (Roland Remote Control) v0.2 can be used to control a Linux box from a remote location.
Author:Roland
File Size:4623
Last Modified:Oct 29 22:58:35 2003
MD5 Checksum:57dc5fcde41b7e0100ff50d76b3a617f

 ///  File Name: ntbindshell.zip
Description:
Ntbindshell is a lightweight (24k compiled) cmd.exe backdoor for Windows. Full C source included. Provides two modes of operation - standard (listening mode) or reverse-connect mode. Includes the ability to install itself as a system service, providing a shell with LocalSystem privileges.
Author:Christophe Devine
File Size:13548
Last Modified:Oct 20 21:54:48 2003
MD5 Checksum:f9263c604245a5fdff0843915d6936c4

 ///  File Name: mybindshell.c
Description:
Bindshell which has a password and defaults to TCP port 1348.
Author:Kafar
Homepage:http://www.olek.org/code
File Size:1305
Last Modified:Oct 15 16:14:24 2003
MD5 Checksum:acb885a3faa8b9468e8197811d7f280f

 ///  File Name: login-back.c
Description:
Backdoor for login where the original binary must be renamed and only gets called whenever the remote user's TERM variable is not set to the magic password. If the magic password is set, the user gets the option of a shell with or without logging.
Author:tracewar
File Size:1488
Last Modified:Oct 2 13:09:48 2003
MD5 Checksum:c0a77d42bb53610b4ec2daf01cda55b1

 ///  File Name: 0x333openssh-3.7.1p2.tar.gz
Description:
Backdoored version of OpenSSH 3.7.1p2 that uses a magic password referenced via an MD5 hash in a file, logs logins and passwords to a specified file, and can run without the backdoors being active.
Author:nsn
Homepage:http://www.0x333.org
File Size:801501
Last Modified:Sep 26 19:12:17 2003
MD5 Checksum:008690b0235471672d814b9db06d94f4

 ///  File Name: SAdoor-20030805.tgz
Description:
SADoor is a non-listening remote administration tool for Unix systems. It sets up a listener in non-promiscuous mode for a specific sequence of packets arriving at the interface before allowing command mode. The commands are sent Blowfish encoded in the TCP payload, then decoded and passed on to system(3). First non-beta release.
Author:CMN
Homepage:http://cmn.listprojects.darklab.org/
File Size:322932
Last Modified:Aug 11 22:47:12 2003
MD5 Checksum:82794a18353dde4f520ef3a53f99cd4b

 ///  File Name: firedoor-0.2.tar.gz
Description:
firedoor forwards any TCP connection behind a firewall using techniques similar to reverse telneting. Written in Java 1.4, so it is very small and can run on both Linux and Win32 without modifications. Source file included.
Author:Joker
Homepage:http://olives.ath.cx/~j0ker/
File Size:10511
Last Modified:Aug 11 12:18:14 2003
MD5 Checksum:984aa4861deeb9af70a9cee118a49278

 ///  File Name: defuserootkit2.tar
Description:
Updated version of a utility that removes normally undetectable LKM rootkits with the help of vmalloc, which manages the memory for a kernel module. Tested against Adore, Knark, Sinapse, Heroin, and others.
Author:cameleonu
File Size:30720
Last Modified:May 29 00:44:42 2003
MD5 Checksum:8c15ca479777cb3e1c5f8923e059f85f

 ///  File Name: openssh-3.6p2-bd.diff
Description:
OpenSSH 3.6p2 backdoor that logs all logins and passwords to a file. Original backdoor ported for 3.6p2 by ajax.
File Size:5471
Last Modified:May 28 05:13:29 2003
MD5 Checksum:ed31a68cc3dc02ff8414481e41aa096e

 ///  File Name: defuserootkit.tar
Description:
This utility removes normally undetectable LKM rootkits with the help of vmalloc, which manages the memory for a kernel module. Tested against Adore, Knark, Sinapse, Heroin, and others.
Author:cameleonu
File Size:20480
Last Modified:May 8 21:00:45 2003
MD5 Checksum:0488beaaf98b29ec2446da6c6665766d

 ///  File Name: blowdoor30.c
Description:
Blowdoor v3.0 is a backdoor for Unix systems and uses md5sum passwords for authentication.
Author:Bl0w
Homepage:http://www.secworld.org
Changes:Fixed bugs.
File Size:4109
Last Modified:Apr 18 03:41:36 2003
MD5 Checksum:fbfef3f0719882d9ac666ac376c68036

 ///  File Name: Mr-Lynd0v1.2.c
Description:
Mr-Lynd0 is a log cleaner and a tool to hide a user or to change the user and host. It cleans the IP, user, and host in log files under /var/log/ and hides the user on a Linux box by editing wtmp and utmp. Version 1.2 released with bugfixes.
Author:click
File Size:6218
Last Modified:Mar 7 01:38:35 2003
MD5 Checksum:586820ca8ebab3a1e7edf4599c1a43d8

 ///  File Name: file.c
Description:
OpenBSD and NetBSD LKM which hides files by patching getdirentries().
Author:George Dissios
Homepage:http://www.frapes.org
File Size:1920
Last Modified:Jan 5 02:50:56 2003
MD5 Checksum:770290c363c15e13d3eb89a80e65aa4e

 ///  File Name: ES-Malaria.tar.gz
Description:
ES-Malaria is a ptrace() injector.
Author:Brain Storm
File Size:3222
Last Modified:Dec 24 03:56:59 2002
MD5 Checksum:7fe96ade196dc0c3b70e65b6ce6b8242

 ///  File Name: sneaky-sneaky-1.48.tar.gz
Description:
Sneaky-sneaky is a bidirectional spoofed ICMP tunnel backdoor that has built-in encryption and logging capabilities. It communicates via echo replies, keeping the true source IP address encrypted inside the payload.
Author:Phish
Changes:Now with delays, decoys, timeouts and spoofing options.
File Size:21256
Last Modified:Dec 24 03:44:39 2002
MD5 Checksum:d670d308e31f0caca1bda8cde0fc72c2