.:[ packet storm ]:.
                           
the world's security

 Section:  .. / UNIX / penetration / rootkits  /

The software in this directory is provided for the use of System Admins only, and is provided to keep them informed on the backdoors that are currently in circulation. We strongly discourage the use of these tools without proper permission.

Files 1 - 25 of 211

 ///  File Name: 0x333openssh-3.7.1p2.tar.gz
Description:
Backdoored version of OpenSSH 3.7.1p2 that uses a magic password referenced via an md5 hash in a file, logs logins and passwords to a specified file, and can run without the backdoors being active.
Author:nsn
Homepage:http://www.0x333.org
File Size:801501
Last Modified:Sep 26 19:12:17 2003
MD5 Checksum:008690b0235471672d814b9db06d94f4

 ///  File Name: 2minbdoor.c
Description:
/bin/login backdoor by tracewar.
File Size:753
Last Modified:Aug 21 00:29:29 2002
MD5 Checksum:b44ea20a28d7e2ed9260a8d96caaae9e

 ///  File Name: 3vilSh3ll.c
Description:
Classic backdoor bindshell that is password protected, hides activity, forks, and does all the expected functions of an evil backdoor.
Author:Simpp
File Size:7272
Last Modified:Mar 18 22:25:36 2008
MD5 Checksum:9cf37a9cec5547cca5c9872fbe651b5f

 ///  File Name: 4553-invader-2.1.1.tar.gz
Description:
4553 - Invader v2.1.1 is source code which can append parasitic executable code to any ELF binary, causing it to send a shell to a remote host. Uses TCP port 21317 by default.
Author:Brain Storm,Resistor
Homepage:http://es.xor.ru
File Size:3983
Last Modified:Nov 27 04:50:06 2002
MD5 Checksum:e828fd8a619c206f18a7ae7ceb58344d

 ///  File Name: _root_040.zip
Description:
Windows NT Rootkit v0.04 alpha - Hides processes, files, directories, has k-mode shell using TCP/IP - you can telnet into rootkit from remote. Hides registry keys - (keyboard patch disabled in this build.) Includes execution redirection.
Homepage:http://www.rootkit.com
File Size:107713
Last Modified:Jul 29 05:16:28 2001
MD5 Checksum:12487fc88e78176f582cbbdbd45f2575

 ///  File Name: aasniff.tar.gz
Description:
Anti Anti Sniffer Patch - Linux kernel patches to hide a sniffer from the most known anti-sniffers.
Author:Vecna
Homepage:http://www.s0ftpj.org
File Size:2649
Last Modified:Jan 4 17:55:58 2001
MD5 Checksum:864e1c903014d25f0b1e5c91a79785b2

 ///  File Name: adore-0.31.tar.gz
Description:
Adore is a linux LKM based rootkit. Features smart PROMISC flag hiding, persistent file and directory hiding (still hidden after reboot), process-hiding, netstat hiding, rootshell-backdoor, and an uninstall routine. Includes a userspace program to control everything.
Author:Stealth
Homepage:http://www.team-teso.net
Changes:Automatic configuration, bug fixes.
File Size:9738
Last Modified:Jan 9 13:54:45 2001
MD5 Checksum:4bdf75cfb7735741285ae82f5b5d4df6

 ///  File Name: adore-0.34.tgz
Description:
Adore is a linux LKM based rootkit for Linux v2.[24]. Features smart PROMISC flag hiding, persistent file and directory hiding (still hidden after reboot), process-hiding, netstat hiding, rootshell-backdoor, and an uninstall routine. Includes a userspace program to control everything.
Author:Stealth
Homepage:http://www.team-teso.net
Changes:Improved 2.4 support, better authentication checking, permanent PID removal, configure script, experimental exec redirection for i386.
File Size:13470
Last Modified:Mar 26 19:50:38 2001
MD5 Checksum:69b3453f1fb1650388fc63297652d221

 ///  File Name: adore-0.38.tar.gz
Description:
Adore is a linux LKM based rootkit for Linux v2.[24]. Features smart PROMISC flag hiding, persistent file and directory hiding (still hidden after reboot), process-hiding, netstat hiding, rootshell-backdoor, and an uninstall routine. Includes a userspace program to control everything.
Author:Stealth
Homepage:http://www.team-teso.net
Changes:Added 64bit FS support, now fools protection modules such as StMichael, and minor fixes.
File Size:14316
Last Modified:May 25 18:17:46 2001
MD5 Checksum:72e80f9fa6ebe9358f7fd0358c8e959f

 ///  File Name: adore-0.39b4.tgz
Description:
Adore is a linux LKM based rootkit for Linux v2.[24]. Features smart PROMISC flag hiding, persistent file and directory hiding (still hidden after reboot), process-hiding, netstat hiding, rootshell-backdoor, and an uninstall routine. Includes a userspace program to control everything.
Author:Stealth
Homepage:http://www.team-teso.net
Changes:Now includes open()/stat() redirection and improved netstat hiding. Removed execution redirection.
File Size:14678
Last Modified:Jul 29 05:48:33 2001
MD5 Checksum:777cbd2a59268b394b79da2bda910a40

 ///  File Name: adore-0.42.tgz
Description:
Adore is a linux LKM based rootkit for Linux v2.[24]. Features smart PROMISC flag hiding, persistent file and directory hiding (still hidden after reboot), process-hiding, netstat hiding, rootshell-backdoor, and an uninstall routine. Includes a userspace program to control everything.
Author:Stealth
Homepage:http://www.team-teso.net
Changes:Added devpts fix, fixed is_secret64() to properly hide files, and fixed a memory leak.
File Size:14749
Last Modified:Sep 19 18:18:14 2002
MD5 Checksum:156ded13d5e16b84a9e31193bc9bc417

 ///  File Name: adorebsd-0.34.tar.gz
Description:
AdoreBSD 0.34 - Based off Linux Adore by Stealth. Features hiding files and directories from view, makes processes invisible, hides promiscuous flag and syslog messages, execute as root, hides sysctl mib entries, netstat service hiding, authentication, and module hiding. Developed on FreeBSD 4.3-STABLE.
Author:Bind
Homepage:http://team-teso.net
File Size:9387
Last Modified:May 25 18:24:56 2001
MD5 Checksum:f98864a4f927e04d6f66a010934a08a0

 ///  File Name: all-root.c
Description:
A kernel trojan (basic linux kernel module) which gives all users root.
Author:Blasphemy
File Size:1014
Last Modified:May 1 17:47:23 1999
MD5 Checksum:2fc84f709e328db384764211be4ac3eb

 ///  File Name: allinone.c
Description:
Allinone.c is a backdoor that combines an HTTP server, a sockets transmit server, a shell backdoor, an ICMP backdoor, a bind shell backdoor, and an HTTP shell; it can copy files from a remote host and can use a SOCKS5 proxy.
Author:Lion
Homepage:http://www.cnhonker.com
File Size:19710
Last Modified:Oct 21 02:01:23 2002
MD5 Checksum:8bc44ad107518ac38b7003c5479ca020

 ///  File Name: apachebd.tgz
Description:
Apache backdoor - Backdoors apache 1.3.17 / 1.3.19 to spawn a root shell when a certain page is requested.
Author:Venomous
File Size:3026
Last Modified:Mar 19 03:30:44 2001
MD5 Checksum:16607a98f128adb61a82b23f660bfc19

 ///  File Name: ark-1.0.1.tar.gz
Description:
ARK version 1.0.1 - Ambient's Rootkit for Linux. Binaries only. This package includes backdoored versions of syslogd, login, sshd, ls, du, ps, pstree, killall, and netstat.
Author:Ambient
Changes:sshd backdoor is fixed, and top backdoor is now included. Warning: ARK sends email to a free email account on each system it is installed on - It is backdoored.
File Size:526758
Last Modified:Dec 30 20:34:19 2000
MD5 Checksum:be9b7c48c5102c32c72b410db8862d05

 ///  File Name: ark-1.0.tar.gz
Description:
ARK version 1.0 - Ambient's Rootkit for Linux. Binaries only. This package includes backdoored versions of syslogd, login, sshd, ls, du, ps, pstree, killall, and netstat. Warning: ARK sends email to a free email account on each system it is installed on - It is backdoored.
File Size:497089
Last Modified:Dec 8 04:21:14 2000
MD5 Checksum:e5ccf93c811a9f73166051c1651001e9

 ///  File Name: asmd.tgz
Description:
ASMD is a local root backdoor: a wrapper that can wrap any setuid binary.
Author:Ripper
File Size:2132
Last Modified:Dec 16 22:20:36 2000
MD5 Checksum:cf80ea5f62e7ba91e765a5b5054b23f7

 ///  File Name: audpbackdoor.tar.gz
Description:
A UDP-based backdoor; client and server are written in Perl. Uses port 520 by default.
Author:Sventek
Homepage:http://www.elxsi.de
File Size:926
Last Modified:Dec 7 14:27:24 1999
MD5 Checksum:5f7f7b42d188ec46878822181630c941

 ///  File Name: b0stt.tar.gz
Description:
Buffer0verfl0w Security Team Ssh Trojan - Does not log anything to system logs (utmp, wtmp, lastlog and the rest of the syslogd logs); it also logs all incoming/outgoing ssh passwords.
Author:xfer
Homepage:http://b0f.freebsd.lublin.pl
File Size:83433
Last Modified:May 7 23:09:22 2000
MD5 Checksum:3ca811fa7c30725b688e469ac3d73e0a

 ///  File Name: backd00r.c
Description:
Unix bindshell backdoor that acts as psybnc if the password fails.
Author:darkXside
File Size:2948
Last Modified:Mar 15 00:00:58 2005
MD5 Checksum:fd338c62f08e87b4b033bc88a47f9b9c

 ///  File Name: backdoor.tar.gz
Description:
This tarball has original source code for FreeBSD binaries such as find, fstat, kldstat, etc., along with a script that enables you to easily set how you want them backdoored.
Author:Dark.iNiTro
Homepage:http://ccb.0x48k.cc/index.php?module=files
File Size:245330
Last Modified:May 2 20:06:51 2007
MD5 Checksum:3046022b733bd0ccc37165e34a2db7ad

 ///  File Name: bash-door.tar.gz
Description:
Backdoors Bash-2.05 for local root.
Author:Bob
Homepage:http://www.dtors.net
File Size:2426
Last Modified:Jul 8 02:45:50 2002
MD5 Checksum:c6edcabbcd0ade055d43a041c42f2c50

 ///  File Name: BBD-0.3.tgz
Description:
BBD is a passcode protected remote backdoor with configurable TCP port. After login the backdoor reports if any users or root users are logged in. This version contains a client which allows you to execute commands remotely as well as locally by prefixing a command with a semicolon.
Author:Detach
File Size:4694
Last Modified:Aug 21 01:50:31 2002
MD5 Checksum:2d2074b6a4c23bf8bb912ffe8dbeb658

 ///  File Name: BBD-0.4.tgz
Description:
BBD is a passcode protected remote backdoor with configurable TCP port. After login the backdoor reports if any users or root users are logged in. Allows remote command execution and file upload.
Author:Detach
File Size:8618
Last Modified:Nov 19 11:16:47 2002
MD5 Checksum:17a9eaece27bbf5b5a8601c89b3b3a27