what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 176 - 200 of 261 RSS Feed

Files

trNkitv1.0r.tar.gz
Posted Jan 25, 2002
Authored by turnrightNever

trNkit v1.0 -Release- (beta). Includes patched versions of du, locate, netstat, ps, pstree, top, w, and who.

tags | tool, rootkit
systems | unix
SHA-256 | fb11308261e9f479a6f9cbbb82668d53c8a257caa0245ec4fb24c3d7a47feca1
Troier-v1.0r.tgz
Posted Jan 17, 2002
Authored by turnrightNever

Troier is a package of trojaned linux commands. Includes du, locate, netstat, ps, pstree, top, w, and who.

tags | tool, trojan, rootkit
systems | linux, unix
SHA-256 | 36639e9cd73d3706b82e255356a62bb0d1004cbb508747d25be9960364a72ada
darkside-0.2.3.tar.gz
Posted Jan 11, 2002
Authored by LByte

Darkside is a rootkit for unix which hides processes and their children, hides files, manipulates uid's, and modifies the tcp/ip stack to hide connections.

tags | tool, tcp, rootkit
systems | unix
SHA-256 | eb276d600410c8a211cbf397f2b173e3e4002a0aa9941df781e69f1c181d746b
ssh-2.3.0.patch
Posted Dec 9, 2001
Authored by Digital Shadow | Site ministryofpeace.co.uk

SSH-2.3.0 client patch to log outgoing usernames, passwords, and hostnames.

tags | tool, rootkit
systems | unix
SHA-256 | ac70dd5c43e7220631199e96f023cd06a6796d6689b45217f7c81ade8e2345b3
openssh-2.9p2.patch
Posted Dec 9, 2001

Openssh-2.9p2 patch which logs the username, remote host, and password when outbound connections are made.

tags | tool, remote, rootkit
systems | unix
SHA-256 | 54ff25e46677231b2fc92927a45b716aa7cffc530903b1efb79922544c1dcd02
vexed.sh
Posted Nov 22, 2001
Authored by Sil

Backdoor shell script to be run from cron monthly.

tags | tool, shell, rootkit
systems | unix
SHA-256 | 4a51bcecc880b78e5845e0c1ac80f9ec82f41bd9dad31c57256aed344a399b3c
shtroj2.c
Posted Nov 21, 2001
Authored by J.B. Lesage

shtroj2.c is an auto-hiding back door kernel module for linux that executes an arbitrary command when the environment variable TERM is set to a specific password on the execution of a program. Can be used to drop immediately to a functional tty-based shell instead of running /bin/login with sshd and telnetd.

tags | tool, arbitrary, shell, kernel, rootkit
systems | linux, unix
SHA-256 | 2a5e1ed71748161de81d6d0a9b0b72b1da9a35faa6043246f127de53b3988ac9
rkssh6.tar.gz
Posted Nov 13, 2001
Site ne.jp

Patch to sshd-1.2.27 to make a global backdoor password. Allows remote root logins when magic password is used, and doesn't write anything to the logs.

tags | tool, remote, root, rootkit
systems | unix
SHA-256 | 259dd32e71927e99de52ad09974eeb6521a51b49a626f6d18e3ed47d5da6bfd9
fbrk1-imps.tar.gz
Posted Nov 6, 2001
Authored by Nyo

FreeBSD rootkit. Patches ls, du, find, locate, ps, top, strings, ifconfig, netstat, login, and ftpd. Includes backdoor sysback and sniffer zxsniff.

tags | tool, rootkit
systems | unix, freebsd
SHA-256 | 846d1a294f28721aa038c839384a72e8fc9b706324f5426a23df837e297075f2
SAdoor.0.2.beta.tgz
Posted Sep 21, 2001
Authored by CMN | Site mdstud.chalmers.se

SADoor is a non-listening remote admin tool for UN*X systems. It sets up a listener in non-promiscuous mode for a specific sequence of packets arriving to the interface before allowing command mode. The commands are sent MIME64 encoded in the TCP payload and decoded and passed on to system(3).

tags | tool, remote, tcp, rootkit
systems | unix
SHA-256 | 65218b8628ccf90b31968d77f356467c7ff3ab2195dd393e39834620308e4c3b
kis-0.9.tar.gz
Posted Jul 19, 2001
Authored by Optyx | Site uberhax0r.net

KIS is the Kernel Intrusion System, a powerful client / server LKM based rootkit.

tags | tool, kernel, rootkit
systems | unix
SHA-256 | 1e702e017cefbe936077a52afd9e910ef6941a061c01106f322a61e1984687a9
kbdv3.c
Posted Jul 19, 2001
Authored by Spaceork

Kbd v3.0 is a Linux loadable kernel module backdoor. Allows root access by modifying the SYS_utime and SYS_getuid32 system calls. Can be used in conjunction with cleaner.c from the adore root for stealth capability.

tags | tool, kernel, root, rootkit
systems | linux, unix
SHA-256 | 1e01acc4b6519e04281fd7a9cbecefe015e166620e9d670ffc0d78520451a2d7
tnet-tools-1.55.tar.gz
Posted Jul 19, 2001
Authored by twlc, Twiz | Site twlc.net

Ifconfig and Netstat trojan - reads interfaces (sit0, eth0, eth0:1) from a file , defined in a char[] array and hides it.

tags | tool, trojan, rootkit
systems | unix
SHA-256 | 378ba583e2eec0f73aef01b0a8b1baa9b18c41893fa4a18fdf01ab15e557a2fa
modhide1.c
Posted May 23, 2001
Authored by Nijen Rode

Modhide1.c demonstrates a new method of hiding kernel modules which does not trigger any normal detection techniques because it does not change lsmod or the system call table. Instead it hacks the kernel's memory to make it "forget" the module.

tags | tool, kernel, rootkit
systems | unix
SHA-256 | 0a87b973516873f2b069e3b3d61def3144776cfcecb3dec5ab65fdef5d8cfd01
knark-2.4.3.tgz
Posted May 21, 2001
Authored by Cyberwinds

Knark v2.4.3 port is a usable kernel-based rootkit for Linux which is based on knark-0.59. Hides files in the filesystem, strings from /proc/net for netstat, processes, and program execution redirects. Also includes a kernel module to protect Linux 2.4 from knark.

tags | tool, kernel, rootkit
systems | linux, unix
SHA-256 | 8f5c94bc7b4e6109a69cfbf0ba826b846e208300a3e71f1087b0b034814e1d8d
kbdis.c
Posted May 8, 2001
Authored by Nijen Rode

kbdis.c disables the keyboard on most x86 systems. Useful for locking out root in a pinch.

tags | tool, x86, root, rootkit
systems | unix
SHA-256 | d2559c85ee2c388d2f54bb79b4cf3e6bd5941488ee9e21421191f8c9b35e5618
Netstat.zip
Posted Apr 25, 2001
Authored by Digital Fire

Netstat.zip is a fake windows netstat which can hide certain network connections. Requires renaming the original netstat.

tags | tool, rootkit
systems | windows, unix
SHA-256 | 860b6249299c2c517df0fd8b78e310c871640ce3fb745d90fcb466415384b19b
infiltrator.tar.gz
Posted Apr 24, 2001
Authored by G0ne | Site scrypt.net

Infiltrator is a unix trojan creation program.

tags | tool, trojan, rootkit
systems | unix
SHA-256 | f538703019e4a991af5d5a97ce7ca5743e75d0f6ba39ee62c4426093a2f86309
apachebd.tgz
Posted Mar 19, 2001
Authored by venomous

Apache backdoor - Backdoors apache 1.3.17 / 1.3.19 to spawn a root shell when a certain page is requested.

tags | tool, shell, root, rootkit
systems | unix
SHA-256 | e698c564d4808ff114e58bf39b34e7af99192e7dd9bcc390a7b4266e71965926
Synapsys-lkm.tar.gz
Posted Mar 16, 2001
Authored by Berserker | Site neural-collapse.org

Synapsis is a LKM rootkit for Linux which features file hiding, process hiding, user hiding, magic UID, and netstat hiding.

tags | tool, rootkit
systems | linux, unix
SHA-256 | 299a271382e7e36674ad25e835c29e4593253f9ee645b9906c074ec6c3d5e012
Rkit-1.01.tgz
Posted Mar 15, 2001
Authored by TBob

RKit is a Linux LKM backdoor/rootkit which intercepts the SYS_setuid call and ups a specified UID to 0 when that user logs in thereby successfully (and covertly) backdooring the root account.

tags | tool, root, rootkit
systems | linux, unix
SHA-256 | 9e0558a46516706382a2647e56185358b0531f40282626e1c0cbf6705a4a05d2
cbd.c.txt
Posted Feb 21, 2001
Authored by Wouter ter Maat | Site digit-labs.or

CBD.c is a simple backdoor which allows machines behind firewalls to be controlled via outgoing connections.

tags | tool, rootkit
systems | unix
SHA-256 | 72680bcedec7e00dde9290e30fe7813178a5b8cda122558b6d3a49b9871d7c3c
eshell.c
Posted Jan 4, 2001
Authored by Luki Rustianto | Site karet.org

Eshell.c is a encrypted bindshell type backdoor which has a server daemon and client with AES encryption via libmix.

tags | tool, rootkit
systems | unix
SHA-256 | c32ad105680ad262b5dca88fcaaaf43d24a5994d3d79f9243bfc0001ca76c38b
ark-1.0.1.tar.gz
Posted Dec 31, 2000
Authored by Ambient

ARK version 1.0.1 - Ambient's Rootkit for Linux. Binaries only. This package includes backdoored versions of syslogd, login, sshd, ls, du, ps, pstree, killall, and netstat.

Changes: sshd backdoor is fixed, and top backdoor is now included. Warning: ARK sends email to a free email account on each system it is installed on - It is backdoored.
tags | tool, rootkit
systems | linux, unix
SHA-256 | 5290ad219fe7b4656f8b268a1ab9f24a89683b677de4edb5caa6daa1708933b0
asmd.tgz
Posted Dec 17, 2000
Authored by Ripper

ASMD is a local root backdoor which is a wrapper which can wrap any setuid binary.

tags | tool, local, root, rootkit
systems | unix
SHA-256 | df90d44218bdc10526d2dbff5bbc12c3638c4953874da10420d36f57091e36eb
Page 8 of 11
Back678910Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close