.:[ packet storm ]:.
                             
the internet security encyclopedia

 Section:  .. / UNIX / penetration / rootkits  /

The software in this directory is provided for the use of System Admins only, and is provided to keep them informed on the backdoors that are currently in circulation. We strongly discourage the use of these tools without proper permission.


 ///  File Name: ulogin.c
Description:
Universal login trojan - Login trojan for pretty much any O/S. Tested on Linux, BSDI 2.0, FreeBSD, IRIX 6.x, 5.x, SunOS 5.5, 5.6, 5.7, and OSF1/DGUX4.0. Works by checking the DISPLAY environment variable before passing the session to the real login binary.
Author:Tragedy
Homepage:http://www.etc-crew.org
File Size:1344
Last Modified:Feb 4 17:54:55 2000
MD5 Checksum:4d5c12f579e07686a1b350c0064601f4

 ///  File Name: taskigt.tar.gz
Description:
Taskigt - An LKM that gives root to a process that reads a special file in /proc.
Author:noah
Homepage:http://ns2.crw.se/~tm/
File Size:1286
Last Modified:Jan 28 18:54:48 2000
MD5 Checksum:b4d52ecb3a6914d9836ecfea34237649

 ///  File Name: phide.tar.gz
Description:
Phide - An LKM that hides processes under Linux 2.0. Such modules already exist for Linux 2.2 [like heroin.c or knark], but they work only on Linux 2.2.
Author:noah
Homepage:http://ns2.crw.se/~tm/
File Size:2667
Last Modified:Jan 28 18:53:58 2000
MD5 Checksum:25ca4d12e42ba1ac0e3a5a71ccc9f33e

 ///  File Name: pop3d-trojan.tar.gz
Description:
in.pop3d backdoor - Still functions as in.pop3d, but gives a shell with the proper password.
Author:Formatez
File Size:58476
Last Modified:Jan 24 15:28:44 2000
MD5 Checksum:17c5305640b6991c01bca8be2220d04a

 ///  File Name: ovas0n.c
Description:
Opens a password protected backdoor and lets you execute commands, and then hides in the background. Based on gs.c.
Author:misteri0
File Size:4160
Last Modified:Jan 10 01:45:19 2000
MD5 Checksum:43ff0cfc1b7dce9d3e4729fe7d1659a3

 ///  File Name: kbdv2.c
Description:
Kdb is a nice little backdoor that allows root access by modifying the SYS_stat and SYS_getuid system calls.
Author:Spaceork
Changes:Works on 2.2 kernels.
File Size:2803
Last Modified:Jan 6 17:58:37 2000
MD5 Checksum:22f71383be1c921d2963d540aec9e668

 ///  File Name: rkssh5.tar.gz
Description:
Patch to sshd-1.2.27 to make a global backdoor password. Allows remote root logins when the magic password is used, and doesn't write anything to the logs.
Author:Zelea
Homepage:http://www.ne.jp/asahi/linux/timecop/
Changes:Bugfixes, and now uses an MD5 hash of the password to prevent password recovery from the sshd binary.
File Size:2969
Last Modified:Dec 16 18:12:07 1999
MD5 Checksum:5e68f72e686f63202d137c951463f36d

 ///  File Name: audpbackdoor.tar.gz
Description:
A UDP-based backdoor; client and server are written in Perl. Uses port 520 by default.
Author:Sventek
Homepage:http://www.elxsi.de
File Size:926
Last Modified:Dec 7 14:27:24 1999
MD5 Checksum:5f7f7b42d188ec46878822181630c941

 ///  File Name: cgiback.tgz
Description:
CGI backdoor which can be compiled with or without logging. Password protected. Tested on Red Hat 6.1.
Author:Overflow
File Size:4296
Last Modified:Dec 6 18:36:00 1999
MD5 Checksum:d655d5f0af6adf9f8fba1cba39f1d0ee

 ///  File Name: sshd.c.diff-1.2.27
Description:
A small patch to sshd v1.2.27 which accepts a magic password to authenticate, and does not log to utmp/wtmp or syslog.
Author:Ajax
Homepage:http://users.dhp.com/~ajax/projects
File Size:1992
Last Modified:Nov 29 19:59:45 1999
MD5 Checksum:4dcfe52ec799e78df496516afd7b9c29

 ///  File Name: Q-0.9.tgz
Description:
First public release of Q - a client / server backdoor with strong (256 bit AES) encryption for remote shell access. Also supports an encrypted TCP relay/bouncer server that supports normal clients (with a local encryption tunneling daemon). Includes stealth features like activation via raw packets, syslog spoofing, and single-session servers that prevent it from appearing in netstat.
Author:Mixter
Homepage:http://members.tripod.com/mixtersecurity
File Size:29989
Last Modified:Nov 22 16:09:07 1999
MD5 Checksum:29b5c339905f4426ee32f8b384efef18

 ///  File Name: knark-0.59.tar.gz
Description:
Knark is a kernel-based rootkit for Linux 2.2. Hides files in the filesystem, strings from /proc/net for netstat, and processes, and redirects program execution to seamlessly bypass tripwire / md5sum.
Author:Creed
Changes:Remote command execution.
File Size:15169
Last Modified:Nov 21 01:12:10 1999
MD5 Checksum:adde1bb47d9e45237e83d85f8d48098f

 ///  File Name: knark-0.50.tar.gz
Description:
Knark is a kernel-based rootkit for Linux 2.2. Hides files in the filesystem, strings from /proc/net for netstat, and processes, and redirects program execution.
Author:Creed
File Size:12856
Last Modified:Nov 15 19:49:25 1999
MD5 Checksum:93b4d72822ac6b8cd5346542ae7804f8

 ///  File Name: bdoor.c
Description:
Unix backdoor which pretends to be an HTTP daemon.
Author:CyberPsychotic
File Size:3608
Last Modified:Nov 15 19:03:15 1999
MD5 Checksum:620e6dc8e252318465de768315e7f8be

 ///  File Name: falcon-ssh-diffs.tar.gz
Description:
Two rootkit / backdoor patches to ssh-1.2.27. The first diff turns ssh into a major backdoor. It will report itself as nscd in the process list, have ALL logging disabled, run on a different port, ignore all settings in the config file and allow a "magic word" login to all accounts, including root. The other patch simply adds a magic password to sshd, for use in patching an existing sshd.
Author:Falcon
File Size:2538
Last Modified:Nov 5 12:30:34 1999
MD5 Checksum:cd9339f82c165b3b8fddebf126ff7c1d

 ///  File Name: ssh-1.2.27rk.diff
Description:
w00w00's magic backdoor patch for ssh 1.2.27. Magic password, does not log, permits root login, etc.
Author:shadow
Homepage:http://www.w00w00.org
File Size:3673
Last Modified:Nov 4 01:40:45 1999
MD5 Checksum:e96d9e18cde693eab2f572e3e8676304

 ///  File Name: rkssh4.tar.gz
Description:
Patch to ssh-1.2.27 to make a global backdoor password. Allows remote root logins when the magic password is used, and doesn't write anything to the logs.
Author:Timecop
File Size:2174
Last Modified:Oct 19 14:35:03 1999
MD5 Checksum:f26c7b5ee0dd4daa893676ceb46aca75

 ///  File Name: sol24.zip
Description:
Solaris 2.4 rootkit.
File Size:5949
Last Modified:Aug 16 20:06:53 1999
MD5 Checksum:411213add7627494a48b94a504917b38

 ///  File Name: sol25.zip
Description:
Solaris 2.5.1 rootkit.
File Size:7882
Last Modified:Aug 16 20:06:53 1999
MD5 Checksum:a7cb0fb898d231711a160a6308bb5342

 ///  File Name: sun-5.5.1.zip
Description:
Solaris 2.5.1 rootkit.
File Size:14587
Last Modified:Aug 16 20:06:53 1999
MD5 Checksum:ebf975690e348e10295a463ab13c5229

 ///  File Name: Trojanit.tar.gz
Description:
Compact trojan/rootkit for Linux and maybe BSD.
Author:syg [at] EFnet. bugfix release
File Size:4866
Last Modified:Aug 16 20:05:24 1999
MD5 Checksum:f37b1a87bd7484f393118ead24edaab2

 ///  File Name: lrk4.unshad.tar.gz
Description:
Linux Rootkit 4 - Precompiled Unshadowed Distribution.
Author:Lord Somer
File Size:1252709
Last Modified:Aug 16 20:05:24 1999
MD5 Checksum:b4070c30eb6ec9f6b18c3c2dbbbf488c

 ///  File Name: rootkit.zip
Description:
Unavailable.
File Size:79041
Last Modified:Aug 16 20:05:24 1999
MD5 Checksum:fda05ac95076efa11544721c1a77b8e3

 ///  File Name: server.c
Description:
Gummo backdoor server - a basic but effective backdoor server.
Author:ph1x, featured in b4b0 #6
File Size:3930
Last Modified:Aug 16 20:05:24 1999
MD5 Checksum:14049dbf8ff36ffccd6beb5474710447

 ///  File Name: sm4ck.c
Description:
sm4ck v0.1 adds three simple backdoors to the box you execute it on.
Author:Sector9 of rewted.org
File Size:3443
Last Modified:Aug 16 20:05:24 1999
MD5 Checksum:932b3e5d06df84fa9d92252e63798898