exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 256 RSS Feed

Files

Web Exploitation Engine 0.1
Posted Feb 12, 2013
Authored by infodox, LaNMaSteR53

This is a simple utility for exploiting command injection vulnerabilities in web applications. Supports POST and GET requests. Can deliver an "inline shell" or a (python) reverse shell.

tags | tool, web, shell, vulnerability, rootkit, python
systems | unix
SHA-256 | 2c82dcde1a7835fac49946c2d7c022271f0105c0e8c280133632994e909508cd
PHP Kit 0.2a
Posted Jan 17, 2013
Authored by infodox

PHPkit is a simple PHP based backdoor, leveraging include() and php://input to allow the attacker to execute arbitrary PHP code on the infected server. The actual backdoor contains no suspicious calls such as eval() or system(), as the PHP code is executed in memory by include().

Changes: Shell client rewritten and a file upload client was added.
tags | tool, arbitrary, php, rootkit
systems | unix
SHA-256 | 3078b9daa99d887414dbe12584cdafa91a5f3554f05f8ad34cdf5d3ffe218a26
PHP Kit 0.1a
Posted Jan 6, 2013
Authored by infodox

PHPkit is a simple PHP based backdoor, leveraging include() and php:// input to allow the attacker to execute arbitrary PHP code on the infected server. The actual backdoor contains no suspicious calls such as eval() or system(), as the PHP code is executed in memory by include(). Includes a simple python client that gives a "shell" on the server.

tags | tool, shell, php, rootkit, python
systems | unix
SHA-256 | a0b89f7413840636a73320699e779bec747d2127f4e7880708cb96dae4596056
Indrajith Mini Shell 2.0
Posted Jan 3, 2013
Authored by Ajith KP, Vishunath KP, Indishell, Team Open Fire

This is a mini-php backdoor shell. It has a PHP encoder/decoder, mail bombing functionality, reverse shell, cPanel cracker, and more.

tags | tool, shell, php, rootkit
systems | unix
SHA-256 | 27ad339a1514e347e845b24923cfcd49b2242e7c4f4111ce61e4b88048eb9c3e
Indrajith Mini PHP Shell Backdoor
Posted Dec 23, 2012
Authored by Ajith KP, Vishunath KP

This is a mini-php backdoor shell.

tags | tool, shell, php, rootkit
systems | unix
SHA-256 | 5ca862943a56fca9733eed2540342a6875fffe6804949d6179595f4a6df1aeea
Linux 2.6 Kernel /proc Rootkit Backdoor
Posted Nov 22, 2012
Authored by Analiz

Unix/Darbe-A is a new kernel rootkit backdoor based in the /proc file system.

tags | tool, kernel, rootkit
systems | unix
SHA-256 | e25b0997b5091f37ef98994f27fe8bbbd761dbb249f79ecc16ff5c73bf2ba57e
Reverse Shell 1.0
Posted Oct 9, 2012
Authored by Ashfaq Ansari

This sample code is a reverse shell written in PHP with an authentication feature.

tags | tool, shell, php, rootkit
systems | unix
SHA-256 | baa6da9a5a8a1d7c041facc10f0ed1b4c6b6b4431f46cb1460624911beda9e6b
Rubilyn 0.0.1
Posted Oct 6, 2012
Authored by prdelka | Site nullsecurity.net

This is a 64bit Mac OS-X kernel rootkit that uses no hardcoded address to hook the BSD subsystem in all OS-X Lion and below. It uses a combination of syscall hooking and DKOM to hide activity on a host. String resolution of symbols no longer works on Mountain Lion as symtab is destroyed during load, this code is portable on all Lion and below but requires re-working for hooking under Mountain Lion.

tags | tool, kernel, rootkit
systems | unix, bsd, apple, osx
SHA-256 | b104cfd2f826400eb9d8d5a81941ae270ed54b62ebfb9893fc474185b717dd60
Weevely PHP Backdoor 0.7
Posted Jul 11, 2012
Authored by Emilio Pinna | Site epinna.github.com

Weevely is a stealth PHP web shell that simulates a telnet-like connection. It is an essential tool for web application testing post exploitation, and can be used as a stealth backdoor web shell to manage legit web accounts, even free hosted ones. Is currently included in Backtrack and Backbox and other Linux distributions for penetration testing.

Changes: Portscan modules added. Proxies modules added. File system browsing and remote command execution even if PHP security restrictions are in place. Various other additions.
tags | tool, web, shell, php, rootkit
systems | linux, unix
SHA-256 | 9ca1b6b62a4fcc57851e48e31b456e9ea711e0ef46b10cf39d3277547b450333
NetcatPHPShell 1.10
Posted May 7, 2012
Authored by Mr.H4rD3n

NetcatPHPShell is a PHP backdoor that can be leveraged to launch a connect-back shell.

tags | tool, shell, php, rootkit
systems | unix
SHA-256 | abba3db5d6d8d109c7a47018d57d39b218beaabd3f5704fd0bd207157668d4bd
Jynx-Kit Release 2
Posted Mar 18, 2012
Authored by ErrProne

Jynx Kit is a LD_PRELOAD userland rootkit. Fully undetectable from chkrootkit and rootkithunter. Includes magic packet SSL reverse back connect shell. Solid building block for further LD_PRELOAD rootkits.

Changes: Improved SSL backdoor.
tags | tool, shell, rootkit
systems | linux, unix
SHA-256 | 8aed104a95e0968ecd5e1edac63a89615a69f27a46f562a20f107543a6ce2099
Carbylamine PHP Encoder
Posted Mar 15, 2012
Authored by Prakhar Prasad | Site code.google.com

Carbylamine PHP Encoder is a PHP Encoder for obfuscating/encoding PHP files so that antivirus detection signatures can be bypassed.

tags | tool, php, rootkit
systems | unix
SHA-256 | 6f197acdeea20ab9bfd507bc9b7b41f814bbf276f8f26d7b7d2f1d89744c1b14
WeBaCoo (Web Backdoor Cookie) 0.2.3
Posted Mar 13, 2012
Authored by Anestis Bechtsoudis | Site github.com

WeBaCoo (Web Backdoor Cookie) is a web backdoor script-kit, aiming to provide a stealth terminal-like connection over HTTP between client and web server. It is a post exploitation tool capable to maintain access to a compromised web server. WeBaCoo was designed to operate under the radar of modern up-to-dated AV, NIDS, IPS, Network Firewalls and Application Firewalls, proving a stealth mechanism to execute system commands to the compromised server. The obfuscated communication is accomplished using HTTP header's Cookie fields under valid client HTTP requests and relative web server's responses.

Changes: Single command execution mode. Multi HTTP methods support. Download / Stealth extension modules. Various other updates.
tags | tool, web, rootkit
systems | linux, unix
SHA-256 | 087283a5e4ae66b6ac53dccfd5878fe22ca5d12bcebb302675d4406e23575560
darkBC Python Connect-Back Script
Posted Feb 24, 2012
Authored by baltazar

This is a small connect-back script written in Python.

tags | tool, rootkit, python
systems | unix
SHA-256 | 835b9dec3575dd1389efc8a4a007dd336a926416a6593e7523caf0ba48d3e976
trixd00r 0.0.1
Posted Feb 8, 2012
Authored by noptrix | Site nullsecurity.net

trixd00r is an advanced and invisible userland backdoor based on TCP/IP for UNIX systems. It consists of a server and a client. The server sits and waits for magic packets using a sniffer. If a magic packet arrives, it will bind a shell over TCP or UDP on the given port or connecting back to the client again over TCP or UDP. The client is used to send magic packets to trigger the server and get a shell.

tags | tool, shell, udp, tcp, rootkit
systems | unix
SHA-256 | a0eed62b5c320cfd39c32774d90d6628aacc7c98a02dc18bb3533d4641887a47
WeBaCoo (Web Backdoor Cookie) 0.2.2
Posted Feb 2, 2012
Authored by Anestis Bechtsoudis | Site github.com

WeBaCoo (Web Backdoor Cookie) is a web backdoor script-kit, aiming to provide a stealth terminal-like connection over HTTP between client and web server. It is a post exploitation tool capable to maintain access to a compromised web server. WeBaCoo was designed to operate under the radar of modern up-to-dated AV, NIDS, IPS, Network Firewalls and Application Firewalls, proving a stealth mechanism to execute system commands to the compromised server. The obfuscated communication is accomplished using HTTP header's Cookie fields under valid client HTTP requests and relative web server's responses.

Changes: Support for extension modules, MySQL CLI extension module, Upload extension module, various other additions.
tags | tool, web, rootkit
systems | unix
SHA-256 | 586fbad973ea45413a2213504358a5aee068c791511b7cdb2756e9cc84cdcf2c
Small Python Backdoor
Posted Jan 21, 2012
Authored by Reflex

This is a very small backdoor written in Python.

tags | tool, rootkit, python
systems | unix
SHA-256 | d0baeea38076b6dcda8e266effbaece56f3447f95f42e03b5da43c0f47bbafef
Log2Command 1.0
Posted Jan 2, 2012
Site it.sverigedemokraterna.se

log2command is a PHP script that tracks IPs in log files and executes shell commands per each IP. log2command was created as a sort of reverse fail2ban or cheap VPN-firewall: a machine with a closed firewall can be told, by a foreign machine, to accept connections from a specific IP. log2command then keeps track of the webserver log file and watches for inactivity from the user's IP. After an amount of time another command is executed that can remove the user's IP from the firewall, closing down the machine again. The PHP script is a command-line program that can be run in the background.

tags | tool, shell, php, rootkit
systems | unix
SHA-256 | df3d9c8ed704fef75b0299e0e7a5d3f53ce40512cc6b54ed3e1432b1ad72df36
KBeast (Kernel Beast) Linux Rootkit 2012
Posted Jan 1, 2012
Authored by IPSECS

KBeast (Kernel Beast) 2012 is a Linux rootkit that hides the loadable kernel module, hides files and directories, hides processes, hides sockets and connections, performs keystroke logging, has anti-kill functionality and more.

tags | tool, kernel, rootkit
systems | linux, unix
SHA-256 | 63f6b4bc4339137a2e0815584ec2c392125bf6d3a2e797f3285be98719fd091b
WeBaCoo (Web Backdoor Cookie) 0.2
Posted Dec 19, 2011
Authored by Anestis Bechtsoudis | Site github.com

WeBaCoo (Web Backdoor Cookie) is a web backdoor script-kit, aiming to provide a stealth terminal-like connection over HTTP between client and web server. It is a post exploitation tool capable to maintain access to a compromised web server. WeBaCoo was designed to operate under the radar of modern up-to-dated AV, NIDS, IPS, Network Firewalls and Application Firewalls, proving a stealth mechanism to execute system commands to the compromised server. The obfuscated communication is accomplished using HTTP header's Cookie fields under valid client HTTP requests and relative web server's responses.

Changes: Built in Tor proxy support. New random delimiter string for each request. Various other updates.
tags | tool, web, rootkit
systems | unix
SHA-256 | 8e6fe6a513916c776350b0cbff29427e8719a4d3095dfe4fdd3b4ad34e3bde2e
WeBaCoo (Web Backdoor Cookie) 0.1.2
Posted Dec 9, 2011
Authored by Anestis Bechtsoudis | Site github.com

WeBaCoo (Web Backdoor Cookie) is a web backdoor script-kit, aiming to provide a stealth terminal-like connection over HTTP between client and web server. It is a post exploitation tool capable to maintain access to a compromised web server. WeBaCoo was designed to operate under the radar of modern up-to-dated AV, NIDS, IPS, Network Firewalls and Application Firewalls, proving a stealth mechanism to execute system commands to the compromised server. The obfuscated communication is accomplished using HTTP header's Cookie fields under valid client HTTP requests and relative web server's responses.

tags | tool, web, rootkit
systems | unix
SHA-256 | 6e46638034d12ee47a4a4955583b5065ffc4d0142d553c15fc90abbf42ca5b89
Jynx Kit Userland Rootkit
Posted Oct 17, 2011
Authored by ErrProne

Jynx Kit is a LD_PRELOAD userland rootkit. Fully undetectable from chkrootkit and rootkithunter. Includes magic packet SSL reverse back connect shell. Solid building block for further LD_PRELOAD rootkits.

tags | tool, shell, rootkit
systems | unix
SHA-256 | bbeb032e2f9929a6af65472aee0188c9962b2569eed6ca4c4d073142f10ab850
PHP SST Sheller 1.0
Posted Oct 16, 2011
Authored by Amir Masoud

This is simply a PHP shell with a bunch of features like spoofing mail, file uploads, and more.

tags | tool, shell, spoof, php, rootkit, file upload
systems | unix
SHA-256 | 4b62d88653f707028740984998a846bce54234865cd62cec045e7c6dffb125ed
Knull Shell Alpha1
Posted Oct 1, 2011
Authored by knull | Site leethack.info

Knull Shell Alpha1 is a PHP shell that has bind, reverse, and backpipe shells.

tags | tool, shell, php, rootkit
systems | unix
SHA-256 | ad77bcbd30f3d90fdb9ea4fa2d171918170d050e6362eb389985fee2e78fd1ef
Ani-Shell 1.4 PHP Shell
Posted Sep 22, 2011
Authored by Aneesh Dogra

Ani-Shell is a simple PHP shell with some unique features like a mass mailer, ddoser, connect-back shell, bind shell, and various other features.

tags | tool, shell, php, rootkit
systems | unix
SHA-256 | 5d436e5e3f0f9049b1f6c13ff1c3e8d6533281bd4fb1495f94866b260b5e0b5a
Page 2 of 11
Back12345Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close