Showing 26 - 50 of 255

Files

PHP Kit 0.2a
Posted Jan 17, 2013
Authored by infodox

PHPkit is a simple PHP based backdoor, leveraging include() and php://input to allow the attacker to execute arbitrary PHP code on the infected server. The actual backdoor contains no suspicious calls such as eval() or system(), as the PHP code is executed in memory by include().

Changes: Shell client rewritten and a file upload client was added.
tags | tool, arbitrary, php, rootkit
systems | unix
MD5 | 40910d66f10f314b6cd4db2e25657f78
PHP Kit 0.1a
Posted Jan 6, 2013
Authored by infodox

PHPkit is a simple PHP based backdoor, leveraging include() and php://input to allow the attacker to execute arbitrary PHP code on the infected server. The actual backdoor contains no suspicious calls such as eval() or system(), as the PHP code is executed in memory by include(). Includes a simple Python client that gives a "shell" on the server.

tags | tool, shell, php, rootkit, python
systems | unix
MD5 | c0fdf0302ba0a23691d211e19deee9f7
Indrajith Mini Shell 2.0
Posted Jan 3, 2013
Authored by Ajith KP, Vishunath KP, Indishell, Team Open Fire

This is a mini-php backdoor shell. It has a PHP encoder/decoder, mail bombing functionality, reverse shell, cPanel cracker, and more.

tags | tool, shell, php, rootkit
systems | unix
MD5 | 5f88238813db299673b4cd8410ad9896
Indrajith Mini PHP Shell Backdoor
Posted Dec 23, 2012
Authored by Ajith KP, Vishunath KP

This is a mini-php backdoor shell.

tags | tool, shell, php, rootkit
systems | unix
MD5 | e20a3556c6b42ccc15163be62dd67581
Linux 2.6 Kernel /proc Rootkit Backdoor
Posted Nov 22, 2012
Authored by Analiz

Unix/Darbe-A is a new kernel rootkit backdoor based in the /proc file system.

tags | tool, kernel, rootkit
systems | unix
MD5 | f2f3ef80c6403c43b6af91f8c998e0e3
Reverse Shell 1.0
Posted Oct 9, 2012
Authored by Ashfaq Ansari

This sample code is a reverse shell written in PHP with an authentication feature.

tags | tool, shell, php, rootkit
systems | unix
MD5 | d0005805094e03f6c226cce5895878b3
Rubilyn 0.0.1
Posted Oct 6, 2012
Authored by prdelka | Site nullsecurity.net

This is a 64-bit Mac OS X kernel rootkit that uses no hardcoded addresses to hook the BSD subsystem in all versions of OS X up to and including Lion. It uses a combination of syscall hooking and DKOM to hide activity on a host. String resolution of symbols no longer works on Mountain Lion because symtab is destroyed during load; the code is portable across Lion and below but requires reworking for hooking under Mountain Lion.

tags | tool, kernel, rootkit
systems | unix, bsd, apple, osx
MD5 | 4e8726f077ff7d1b0a761ab15d4d8bc9
Weevely PHP Backdoor 0.7
Posted Jul 11, 2012
Authored by Emilio Pinna | Site epinna.github.com

Weevely is a stealth PHP web shell that simulates a telnet-like connection. It is an essential tool for post-exploitation during web application testing, and can be used as a stealth backdoor web shell to manage legit web accounts, even free hosted ones. It is currently included in BackTrack, BackBox, and other Linux distributions for penetration testing.

Changes: Portscan modules added. Proxies modules added. File system browsing and remote command execution even if PHP security restrictions are in place. Various other additions.
tags | tool, web, shell, php, rootkit
systems | linux, unix
MD5 | f1bdc9de8ada128ea06fc0acfaaeeffb
NetcatPHPShell 1.10
Posted May 7, 2012
Authored by Mr.H4rD3n

NetcatPHPShell is a PHP backdoor that can be leveraged to launch a connect-back shell.

tags | tool, shell, php, rootkit
systems | unix
MD5 | 272d6d9b88fa87a16f8660e9f2a198c4
Jynx-Kit Release 2
Posted Mar 18, 2012
Authored by ErrProne

Jynx Kit is an LD_PRELOAD userland rootkit. Fully undetectable by chkrootkit and rootkithunter. Includes a magic packet SSL reverse connect-back shell. Solid building block for further LD_PRELOAD rootkits.

Changes: Improved SSL backdoor.
tags | tool, shell, rootkit
systems | linux, unix
MD5 | c45c761a3482f2a9514aa851dd8fc7b8
Carbylamine PHP Encoder
Posted Mar 15, 2012
Authored by Prakhar Prasad | Site code.google.com

Carbylamine PHP Encoder is a PHP Encoder for obfuscating/encoding PHP files so that antivirus detection signatures can be bypassed.

tags | tool, php, rootkit
systems | unix
MD5 | 2a0006cd9cce2fd3adfed55243144cf7
WeBaCoo (Web Backdoor Cookie) 0.2.3
Posted Mar 13, 2012
Authored by Anestis Bechtsoudis | Site github.com

WeBaCoo (Web Backdoor Cookie) is a web backdoor script-kit that aims to provide a stealth terminal-like connection over HTTP between client and web server. It is a post-exploitation tool capable of maintaining access to a compromised web server. WeBaCoo was designed to operate under the radar of modern, up-to-date AV, NIDS, IPS, network firewalls, and application firewalls, providing a stealth mechanism to execute system commands on the compromised server. The obfuscated communication is accomplished using the Cookie header fields of valid client HTTP requests and the related web server responses.

Changes: Single command execution mode. Multi HTTP methods support. Download / Stealth extension modules. Various other updates.
tags | tool, web, rootkit
systems | linux, unix
MD5 | 48bce3cf1ef0c9c611d66a0bd3dcfe8a
darkBC Python Connect-Back Script
Posted Feb 24, 2012
Authored by baltazar

This is a small connect-back script written in Python.

tags | tool, rootkit, python
systems | unix
MD5 | 2a7f1e94c35ca603a309de806dfd4ef6
trixd00r 0.0.1
Posted Feb 8, 2012
Authored by noptrix | Site nullsecurity.net

trixd00r is an advanced and invisible userland backdoor based on TCP/IP for UNIX systems. It consists of a server and a client. The server sits and waits for magic packets using a sniffer. If a magic packet arrives, it will bind a shell over TCP or UDP on the given port or connect back to the client over TCP or UDP. The client is used to send magic packets to trigger the server and get a shell.

tags | tool, shell, udp, tcp, rootkit
systems | unix
MD5 | 01d679c8bdbcea9db29455669165e216
WeBaCoo (Web Backdoor Cookie) 0.2.2
Posted Feb 2, 2012
Authored by Anestis Bechtsoudis | Site github.com

WeBaCoo (Web Backdoor Cookie) is a web backdoor script-kit that aims to provide a stealth terminal-like connection over HTTP between client and web server. It is a post-exploitation tool capable of maintaining access to a compromised web server. WeBaCoo was designed to operate under the radar of modern, up-to-date AV, NIDS, IPS, network firewalls, and application firewalls, providing a stealth mechanism to execute system commands on the compromised server. The obfuscated communication is accomplished using the Cookie header fields of valid client HTTP requests and the related web server responses.

Changes: Support for extension modules, MySQL CLI extension module, Upload extension module, various other additions.
tags | tool, web, rootkit
systems | unix
MD5 | b74689916ea156d422177f331fe570c8
Small Python Backdoor
Posted Jan 21, 2012
Authored by Reflex

This is a very small backdoor written in Python.

tags | tool, rootkit, python
systems | unix
MD5 | abf97854fff55fbaf20ea64011da1522
Log2Command 1.0
Posted Jan 2, 2012
Site it.sverigedemokraterna.se

log2command is a PHP script that tracks IPs in log files and executes shell commands for each IP. log2command was created as a sort of reverse fail2ban or cheap VPN-firewall: a machine with a closed firewall can be told, by a foreign machine, to accept connections from a specific IP. log2command then keeps track of the webserver log file and watches for inactivity from the user's IP. After an amount of time another command is executed that can remove the user's IP from the firewall, closing down the machine again. The PHP script is a command-line program that can be run in the background.

tags | tool, shell, php, rootkit
systems | unix
MD5 | 8e19ae8abd2570913871373fe04844fa
KBeast (Kernel Beast) Linux Rootkit 2012
Posted Jan 1, 2012
Authored by IPSECS

KBeast (Kernel Beast) 2012 is a Linux rootkit that hides the loadable kernel module, hides files and directories, hides processes, hides sockets and connections, performs keystroke logging, has anti-kill functionality and more.

tags | tool, kernel, rootkit
systems | linux, unix
MD5 | c8fbf115fdf309273ce23f94d817210f
WeBaCoo (Web Backdoor Cookie) 0.2
Posted Dec 19, 2011
Authored by Anestis Bechtsoudis | Site github.com

WeBaCoo (Web Backdoor Cookie) is a web backdoor script-kit that aims to provide a stealth terminal-like connection over HTTP between client and web server. It is a post-exploitation tool capable of maintaining access to a compromised web server. WeBaCoo was designed to operate under the radar of modern, up-to-date AV, NIDS, IPS, network firewalls, and application firewalls, providing a stealth mechanism to execute system commands on the compromised server. The obfuscated communication is accomplished using the Cookie header fields of valid client HTTP requests and the related web server responses.

Changes: Built in Tor proxy support. New random delimiter string for each request. Various other updates.
tags | tool, web, rootkit
systems | unix
MD5 | f4fbdca27c7a4629314c184bf09461ff
WeBaCoo (Web Backdoor Cookie) 0.1.2
Posted Dec 9, 2011
Authored by Anestis Bechtsoudis | Site github.com

WeBaCoo (Web Backdoor Cookie) is a web backdoor script-kit that aims to provide a stealth terminal-like connection over HTTP between client and web server. It is a post-exploitation tool capable of maintaining access to a compromised web server. WeBaCoo was designed to operate under the radar of modern, up-to-date AV, NIDS, IPS, network firewalls, and application firewalls, providing a stealth mechanism to execute system commands on the compromised server. The obfuscated communication is accomplished using the Cookie header fields of valid client HTTP requests and the related web server responses.

tags | tool, web, rootkit
systems | unix
MD5 | 983c15146c1156bde098d9e81f412157
Jynx Kit Userland Rootkit
Posted Oct 17, 2011
Authored by ErrProne

Jynx Kit is an LD_PRELOAD userland rootkit. Fully undetectable by chkrootkit and rootkithunter. Includes a magic packet SSL reverse connect-back shell. Solid building block for further LD_PRELOAD rootkits.

tags | tool, shell, rootkit
systems | unix
MD5 | c4f68fd8a88e336f5630798bde50c913
PHP SST Sheller 1.0
Posted Oct 16, 2011
Authored by Amir Masoud

This is simply a PHP shell with a bunch of features like spoofing mail, file uploads, and more.

tags | tool, shell, spoof, php, rootkit, file upload
systems | unix
MD5 | f18d5418f6eb91321033867fb1fe68c6
Knull Shell Alpha1
Posted Oct 1, 2011
Authored by knull | Site leethack.info

Knull Shell Alpha1 is a PHP shell that has bind, reverse, and backpipe shells.

tags | tool, shell, php, rootkit
systems | unix
MD5 | 1bd6d6835296305ab21cd1ec34ab8627
Ani-Shell 1.4 PHP Shell
Posted Sep 22, 2011
Authored by Aneesh Dogra

Ani-Shell is a simple PHP shell with some unique features like a mass mailer, ddoser, connect-back shell, bind shell, and various other features.

tags | tool, shell, php, rootkit
systems | unix
MD5 | f789ddc02f9f16fa9f82a31ce2e0f5cf
Turtle FreeBSD Rootkit 2
Posted Aug 28, 2011
Authored by WarGame

Turtle rootkit for FreeBSD. This kernel module hooks unlink() so the protected file cannot be deleted, hooks kill() so the protected process cannot be killed, and has various other nice bells and whistles.

Changes: This rootkit now hides processes and has a remote shell over ICMP packets.
tags | tool, kernel, rootkit
systems | unix, freebsd
MD5 | cf4f4980dd9d360041e530b903ffca53
© 2019 Packet Storm. All rights reserved.