.:[ packet storm ]:.
                           
the internet's safety

 Section:  .. / UNIX / penetration / rootkits  /

The software in this directory is provided for the use of System Admins only, and is provided to keep them informed on the backdoors that are currently in circulation. We strongly discourage the use of these tools without proper permission.


 ///  File Name: SAdoor.0.2.beta.tgz
Description:
SADoor is a non-listening remote admin tool for UN*X systems. It listens in non-promiscuous mode for a specific sequence of packets arriving at the interface before allowing command mode. Commands are sent MIME64 encoded in the TCP payload, then decoded and passed on to system(3).
Author:CMN
Homepage:http://www.mdstud.chalmers.se/~md0claes
File Size:32640
Last Modified:Sep 21 00:25:44 2001
MD5 Checksum:cd5507c7d2cdebc30a30ee19977bb14c

 ///  File Name: adore-0.39b4.tgz
Description:
Adore is an LKM-based rootkit for Linux v2.[24]. Features smart PROMISC flag hiding, persistent file and directory hiding (still hidden after reboot), process hiding, netstat hiding, a rootshell backdoor, and an uninstall routine. Includes a userspace program to control everything.
Author:Stealth
Homepage:http://www.team-teso.net
Changes:Now includes open()/stat() redirection and improved netstat hiding. Removed execution redirection.
File Size:14678
Last Modified:Jul 29 05:48:33 2001
MD5 Checksum:777cbd2a59268b394b79da2bda910a40

 ///  File Name: _root_040.zip
Description:
Windows NT Rootkit v0.04 alpha - Hides processes, files, and directories, and has a kernel-mode shell using TCP/IP that you can telnet into remotely. Hides registry keys (keyboard patch disabled in this build). Includes execution redirection.
Homepage:http://www.rootkit.com
File Size:107713
Last Modified:Jul 29 05:16:28 2001
MD5 Checksum:12487fc88e78176f582cbbdbd45f2575

 ///  File Name: kis-0.9.tar.gz
Description:
KIS is the Kernel Intrusion System, a powerful client / server LKM based rootkit.
Author:Optyx
Homepage:http://www.uberhax0r.net/kis
File Size:87860
Last Modified:Jul 19 19:57:12 2001
MD5 Checksum:55fa64d52771873a841e22a59b00bb42

 ///  File Name: kbdv3.c
Description:
Kbd v3.0 is a Linux loadable kernel module backdoor. Allows root access by modifying the SYS_utime and SYS_getuid32 system calls. Can be used in conjunction with cleaner.c from the Adore rootkit for stealth capability.
Author:Spaceork
File Size:3047
Last Modified:Jul 19 19:49:47 2001
MD5 Checksum:35bb7a88521f2c65ff8d88fa486a7d07

 ///  File Name: tnet-tools-1.55.tar.gz
Description:
Ifconfig and Netstat trojan - reads interfaces (sit0, eth0, eth0:1) from a file, defined in a char[] array, and hides them.
Author:Twiz
Homepage:http://www.twlc.net
File Size:99011
Last Modified:Jul 18 21:31:51 2001
MD5 Checksum:66e7b041c4913304d281ae0701d9b059

 ///  File Name: adorebsd-0.34.tar.gz
Description:
AdoreBSD 0.34 - Based on Linux Adore by Stealth. Features file and directory hiding, process hiding, promiscuous flag and syslog message hiding, execution as root, sysctl MIB entry hiding, netstat service hiding, authentication, and module hiding. Developed on FreeBSD 4.3-STABLE.
Author:Bind
Homepage:http://team-teso.net
File Size:9387
Last Modified:May 25 18:24:56 2001
MD5 Checksum:f98864a4f927e04d6f66a010934a08a0

 ///  File Name: adore-0.38.tar.gz
Description:
Adore is an LKM-based rootkit for Linux v2.[24]. Features smart PROMISC flag hiding, persistent file and directory hiding (still hidden after reboot), process hiding, netstat hiding, a rootshell backdoor, and an uninstall routine. Includes a userspace program to control everything.
Author:Stealth
Homepage:http://www.team-teso.net
Changes:Added 64-bit FS support, now fools protection modules such as StMichael, and minor fixes.
File Size:14316
Last Modified:May 25 18:17:46 2001
MD5 Checksum:72e80f9fa6ebe9358f7fd0358c8e959f

 ///  File Name: modhide1.c
Description:
Modhide1.c demonstrates a new method of hiding kernel modules which does not trigger any normal detection techniques because it does not change lsmod or the system call table. Instead it hacks the kernel's memory to make it "forget" the module.
Author:Nijen Rode
File Size:4296
Last Modified:May 23 19:59:32 2001
MD5 Checksum:38fc557e5f938e246db103109f457d4e

 ///  File Name: knark-2.4.3.tgz
Description:
Knark v2.4.3 port is a usable kernel-based rootkit for Linux which is based on knark-0.59. Hides files in the filesystem, strings from /proc/net for netstat, and processes, and redirects program execution. Also includes a kernel module to protect Linux 2.4 from knark.
Author:Cyberwinds
File Size:59931
Last Modified:May 21 18:23:10 2001
MD5 Checksum:ca1ebe26ab1138ebe431751f526df817

 ///  File Name: kbdis.c
Description:
kbdis.c disables the keyboard on most x86 systems. Useful for locking out root in a pinch.
Author:Nijen Rode
File Size:241
Last Modified:May 8 18:55:53 2001
MD5 Checksum:b993d33d0fe64d76d9829f0ed97d6ab1

 ///  File Name: Netstat.zip
Description:
Netstat.zip is a fake Windows netstat which can hide certain network connections. Requires renaming the original netstat.
Author:Digital Fire
File Size:15843
Last Modified:Apr 24 20:18:22 2001
MD5 Checksum:97d5d9a6abab7e7c5a2b97e38252db12

 ///  File Name: infiltrator.tar.gz
Description:
Infiltrator is a Unix trojan creation program.
Author:G0ne
Homepage:http://www.scrypt.net/~g0ne/
File Size:13420
Last Modified:Apr 23 22:07:40 2001
MD5 Checksum:5a067b61f231c1e35933ab518a6b0e90

 ///  File Name: Q-2.4.tar.gz
Description:
Q v2.4 is a client / server backdoor which features remote shell access with strong encryption for root and normal users, and an encrypted on-demand TCP relay/bouncer that supports encrypted sessions with normal clients using the included tunneling daemon. Also has stealth features like activation via raw packets, syslog spoofing, and single on-demand sessions with variable ports.
Author:Mixter
Homepage:http://mixter.void.ru
Changes:Now uses strong RSA/libiSSL encryption for sessions; compatibility with libmix1.2; many bugfixes.
File Size:319968
Last Modified:Apr 15 13:38:37 2001
MD5 Checksum:45a5b2c2b2612f6d6703cd984cc1d8e1

 ///  File Name: maxty.tar.gz
Description:
Maxty is a small kernel-space tty sniffer. It is an LKM which attaches to the read/write syscalls and saves incoming/outgoing requests to opened tty devices into separate log files. It provides a way of keeping track of what is happening on virtual consoles, similar to a keystroke recorder.
Author:Paul Starzetz
File Size:4867
Last Modified:Apr 6 21:04:31 2001
MD5 Checksum:8ed7a10a7153e74d0f1495d65783dc4d

 ///  File Name: adore-0.34.tgz
Description:
Adore is an LKM-based rootkit for Linux v2.[24]. Features smart PROMISC flag hiding, persistent file and directory hiding (still hidden after reboot), process hiding, netstat hiding, a rootshell backdoor, and an uninstall routine. Includes a userspace program to control everything.
Author:Stealth
Homepage:http://www.team-teso.net
Changes:Improved 2.4 support, better authentication checking, permanent PID removal, configure script, experimental exec redirection for i386.
File Size:13470
Last Modified:Mar 26 19:50:38 2001
MD5 Checksum:69b3453f1fb1650388fc63297652d221

 ///  File Name: apachebd.tgz
Description:
Apache backdoor - Backdoors Apache 1.3.17 / 1.3.19 to spawn a root shell when a certain page is requested.
Author:Venomous
File Size:3026
Last Modified:Mar 19 03:30:44 2001
MD5 Checksum:16607a98f128adb61a82b23f660bfc19

 ///  File Name: Synapsys-lkm.tar.gz
Description:
Synapsis is an LKM rootkit for Linux which features file hiding, process hiding, user hiding, magic UID, and netstat hiding.
Author:Berserker
Homepage:http://www.neural-collapse.org
File Size:5298
Last Modified:Mar 16 17:27:35 2001
MD5 Checksum:aa9aeedd64b1d79407698c5703d358fc

 ///  File Name: Rkit-1.01.tgz
Description:
RKit is a Linux LKM backdoor/rootkit which intercepts the SYS_setuid call and raises a specified UID to 0 when that user logs in, thereby successfully (and covertly) backdooring the root account.
Author:TBob
File Size:1878
Last Modified:Mar 15 18:58:24 2001
MD5 Checksum:e6097ee042b27caf6263bec25f484838

 ///  File Name: cbd.c.txt
Description:
CBD.c is a simple backdoor which allows machines behind firewalls to be controlled via outgoing connections.
Author:Wouter ter Maat
Homepage:http://www.digit-labs.or
File Size:1160
Last Modified:Feb 20 21:07:05 2001
MD5 Checksum:85c194f62635a80b322a0566ac30942e

 ///  File Name: adore-0.31.tar.gz
Description:
Adore is a Linux LKM-based rootkit. Features smart PROMISC flag hiding, persistent file and directory hiding (still hidden after reboot), process hiding, netstat hiding, a rootshell backdoor, and an uninstall routine. Includes a userspace program to control everything.
Author:Stealth
Homepage:http://www.team-teso.net
Changes:Automatic configuration, bug fixes.
File Size:9738
Last Modified:Jan 9 13:54:45 2001
MD5 Checksum:4bdf75cfb7735741285ae82f5b5d4df6

 ///  File Name: thclinbd.tar.gz
Description:
THC Backdoor for Linux - This is a simple but useful backdoor for Linux based on a FreeBSD LKM by pragmatic/THC.
Author:bELFaghor
Homepage:http://www.s0ftpj.org
File Size:997
Last Modified:Jan 4 19:39:14 2001
MD5 Checksum:7855b79979217cd5813788e01a0e1b83

 ///  File Name: thcobsdbd.tar.gz
Description:
THC Backdoor ported to OpenBSD - This is a simple but useful backdoor for OpenBSD based on a FreeBSD LKM by pragmatic/THC.
Author:Pigpen
Homepage:http://www.s0ftpj.org
File Size:1582
Last Modified:Jan 4 19:37:46 2001
MD5 Checksum:11ada1cc8831dc0a793e5b9c3a2c9b78

 ///  File Name: aasniff.tar.gz
Description:
Anti Anti Sniffer Patch - Linux kernel patches to hide a sniffer from the best-known anti-sniffers.
Author:Vecna
Homepage:http://www.s0ftpj.org
File Size:2649
Last Modified:Jan 4 17:55:58 2001
MD5 Checksum:864e1c903014d25f0b1e5c91a79785b2

 ///  File Name: eshell.c
Description:
Eshell.c is an encrypted bindshell-type backdoor which has a server daemon and client with AES encryption via libmix.
Author:Luki Rustianto
Homepage:http://www.karet.org
File Size:5667
Last Modified:Jan 4 17:40:11 2001
MD5 Checksum:75b97d78a51fdf7a51d4eb6fbd64fd9e