This is a auto logger for Amuser-net BBS which is used in the many Japanese underground sites
3c6e56c55f2e9063aaf349c9872da680This utility lists the servers which have the security vulnerabilities of CGI program. This utility supports the pht, test-cgi, nph-test-cgi, campas, htmlscritp, servce, pwd. The addition of new vulnerabilities is very easy.
3b0def202f08648fc9881d638df01085The simple full-connection TCP port scanner. This utility lists the servers that open the specified port.
1434dbaba3484bca0063b32ae1df9b67ftp trojan logs the hostname, username, and password when the local users use the ftp.
70bcffc5049b48f4415c054831017ed5This program is one of the ethernet packet sniffer for LINUX, FreeBSD, SunOS4.1, Solaris2, and IRIX that can log the all packets in each session of telnet, rlogin, pop3, ftp. If you install this program in the cracked server, you can also know the cracking process and the location of rootshell by the crackers. The logs of this tool is the evidence of the cracking, this tool is also useful for admin.
4cb4d20c3304601c747194722ab256dfA generic banner scanner. eg scan for qpop 110, wuftpd 21, wingates 23, telnet banners 23, etc etc
ce09b86504ce12e42f80a4627d2abfc3This is one of the rootshell program. This program will be rootshell if you specify the special argment. If the special argment is not specified, this program calls a specified program. So, you name this program as well known suid program, it's very difficult for admins to find.
972284fa40fbd79e74121a98ef5f226dImproved version of hrs. You can easy install hrs by this shell script.
a0569055929d84836e4601c5a454d01eThis program checks many IRIX security holes automatically. If you are admin, can check easily the security vulnerabilities of each IRIX. Don't use for the auto attack. This scanner contains the ttdbserver attack, this function is based on the script which is developped by the rootshell. thanks.
6ed72c2b003024ef4818b460371143d3If the access log is wiped by using the log wiper, the logs are not displayed by the last command. However, the general log wipers such as "zap" write the null on the specified entry of logfile, so you can check the log files whether the logs are wiped. This utility shows the all entries, you can analyze the logfile.
a85be3f58485ed34d9b3f9c71463f0b8This is the telnet trojan based on GNU telnet. The all operation which is included the server name, username, and password can be logged. This trojan can be installed with non-root user, if the user account is used by many crackers, you can also know the cracking process and the location of rootshell.
305307abab5a2c82e3093c7c8c9f5251Passwd trojan for freeBSD.
1088d2457aaef2a963eda828221d98d6Passwd trojan for IRIX. This trojan logs the username and password, and mails such information to you.
b05539d77005385a59715659f34968e1Passwd trojan for LINUX.
e1bb4a2e20e5323d14cff07b9a10ef20Passwd trojan for Solaris.
2a6ff083ab921fb71aa1a1f50f52babdPasswd trojan for SunOS4.
d4c7492e1ac5f0ad9c6ceb71e3ffef6fThis is the "/.rhosts" backdoor creation daemon. This is the faked telnetd, if you connect to the telnet port of the target host which is installed this daemon from the specified host, the "/.rhosts" is rewrited to "+ +", you can login to the target host by the "rlogin target -l root". Of course, the telnetd can be used normally.
ada51ed685b7e6fefb3f851412c97226In the Penguin Toolbox, I published the exploit code that can send and execute a trojan program which is prepared in the attacker host, this is server program which is used by such exploits. This program sends the "*.exe" program to the victim host, and the exploit code executes it.
7e1e90081114f7b0dc7b85adc49b2840This is the simple half-open and stealth TCP port scanner. In the half-open mode, this program can recognize the OS type of target host.
eb38415f021553359c7c167e66cad2cdIf you install the ps faker, ifconfig faker, and HRS, the size of such programs will be smaller than original commands. This program adjusts the size of executable program, avoids the size check.
02538901268fd7ff4247fc92bb051163SU trojan for Digital.
3e74452aa0e80456e7e2ee22b3bc25f3SU trojan for IRIX. This trojan logs the passwords. If you install the su trojan correctry, local users or admin fails the first "su", and the password which is inputed to su trojan has been logged to the specified file.
eed0677f1799609c5205e1dd1d4a0a5dSU trojan for Solaris2.4
625af8c325b186764a35a61de6972d1aSU trojan for Solaris2.5
26d22bee6c19251f19d19444e22da58bSU trojan for SunOS4
d73b61254500cf0c87e4239802338064
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed