what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 21 of 21 RSS Feed

Files from Nelson Murilo

Email addressnelson at pangeia.com.br
First Active2000-07-04
Last Active2014-05-23
Check Rootkit 0.50
Posted May 23, 2014
Authored by Nelson Murilo | Site chkrootkit.org

Chkrootkit checks locally for signs of a rootkit. Chkrootkit includes ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions, strings.c for quick and dirty strings replacement, check_wtmpx.c to check for wtmpx deletions and the files chkproc.c and chkdirs.c to check for LKM trojans. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x, 4.x, and 5.x, BSDI, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0, and HP-UX 11.

Changes: New and enhanced tests, minor bug fixes.
tags | tool, trojan, integrity, rootkit
systems | linux, netbsd, unix, solaris, freebsd, openbsd, hpux
SHA-256 | 9548fc922b0cb8ddf055faff4a4887f140a31c45f2f5e3aa64aad91ecfa56cc7
Check Rootkit 0.49
Posted Jul 30, 2009
Authored by Nelson Murilo | Site chkrootkit.org

Chkrootkit checks locally for signs of a rootkit. Chkrootkit includes ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions, strings.c for quick and dirty strings replacement, check_wtmpx.c to check for wtmpx deletions and the files chkproc.c and chkdirs.c to check for LKM trojans. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x, 4.x, and 5.x, BSDI, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0, and HP-UX 11.

Changes: New and enhanced tests, minor bug fixes.
tags | tool, trojan, integrity, rootkit
systems | linux, netbsd, unix, solaris, freebsd, openbsd, hpux
SHA-256 | ccb87be09e8923d51f450a167f484414f70c36c942f8ef5b9e5e4a69b7baa17f
bh-0.8.6.tgz
Posted Aug 20, 2008
Authored by Nelson Murilo | Site beholderwireless.org

Beholder is a wireless intrusion detection tool that looks for anomalies in a wifi environment.

tags | tool, intrusion detection
systems | unix
SHA-256 | 54dcb92876f4d250d51bd13868b238ad8a48ba3fa54df3cff7576ff8553437c3
chkrootkit-0.48.tar.gz
Posted Jan 3, 2008
Authored by Nelson Murilo | Site chkrootkit.org

Chkrootkit checks locally for signs of a rootkit. Chkrootkit includes ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions, strings.c for quick and dirty strings replacement, check_wtmpx.c to check for wtmpx deletions and the files chkproc.c and chkdirs.c to check for LKM trojans. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x, 4.x, and 5.x, BSDI, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0, and HP-UX 11.

Changes: New and enhanced tests, minor bug fixes.
tags | tool, trojan, integrity, rootkit
systems | linux, netbsd, unix, solaris, freebsd, openbsd, hpux
SHA-256 | b4b3d3540a7022aa7a81cae93f28c8475bc2660a21f88126725624c09769f1fb
chkrootkit-0.45.tar.gz
Posted Apr 18, 2005
Authored by Nelson Murilo | Site chkrootkit.org

Chkrootkit checks locally for signs of a rootkit. Chkrootkit includes ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions, strings.c for quick and dirty strings replacement, check_wtmpx.c to check for wtmpx deletions and the files chkproc.c and chkdirs.c to check for LKM trojans. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x, 4.x, and 5.x, BSDI, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0, and HP-UX 11.

Changes: Various improvements, minor bug fixes.
tags | tool, trojan, integrity, rootkit
systems | linux, netbsd, unix, solaris, freebsd, openbsd, hpux
SHA-256 | 67ce369dee026bd488baa977483c0d9784bc6763c815f6018ce19227669ec926
chkrootkit-0.44.tar.gz
Posted Nov 10, 2004
Authored by Nelson Murilo | Site chkrootkit.org

Chkrootkit checks locally for signs of a rootkit. Chkrootkit includes ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions, strings.c for quick and dirty strings replacement, check_wtmpx.c to check for wtmpx deletions and the files chkproc.c and chkdirs.c to check for LKM trojans. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x, 4.x, and 5.x, BSDI, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0, and HP-UX 11.

Changes: del counter fixed, better support for Linux threads, Madalin now detected, lots of minor bug fixes.
tags | tool, trojan, integrity, rootkit
systems | linux, netbsd, unix, solaris, freebsd, openbsd, hpux
SHA-256 | a6d2f67e1ec0e015cc4054c00654d076ede9156b89ed9bb360dbd47c8dd0d208
chkrootkit-043.tar.gz
Posted Jan 6, 2004
Authored by Nelson Murilo | Site chkrootkit.org

Chkrootkit v0.43 locally checks for signs of a rootkit. Chkrootkit includes ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions, strings.c for quick and dirty strings replacement, check_wtmpx.c to check for wtmpx deletions and the files chkproc.c and chkdirs.c to check for LKM trojans. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x, 4.x, and 5.x, BSDI, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0, and HP-UX 11.

Changes: Better PROMISC mode detection on newer Linux kernels, new CGI backdoors detected, new rootkits added, and minor bug fixes.
tags | tool, trojan, integrity, rootkit
systems | linux, netbsd, unix, solaris, freebsd, openbsd, hpux
SHA-256 | 116242ca080fe3b4d62772e05c8a42ee4bd5a826ccb49a7b5aa0ed05b58e5758
chkrootkit-0.42b.tar.gz
Posted Nov 11, 2003
Authored by Nelson Murilo | Site chkrootkit.org

Chkrootkit v0.42b locally checks for signs of a rootkit. Chkrootkit includes ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions, strings.c for quick and dirty strings replacement, check_wtmpx.c to check for wtmpx deletions and the files chkproc.c and chkdirs.c to check for LKM trojans. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x, 4.x, and 5.x, BSDI, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0, and HP-UX 11.

Changes: Fixed NPTL threading mechanisms, minor corrections, chkrootkit, a new test (vdir), detection of the worms 55808.A and TC2, and detection of the rootkits Volc, Gold2, Anonoying, Suckit (improved), and ZK (improved). Fixed bugs and added BSDI support.
tags | tool, trojan, integrity, rootkit
systems | linux, netbsd, unix, solaris, freebsd, openbsd, hpux
SHA-256 | 489cc91a933ccd03e3e4a99e724a6ab485abe41c239006f50b1bdd6f0cd9a16c
chkrootkit-0.39a.tar.gz
Posted Feb 2, 2003
Authored by Nelson Murilo | Site chkrootkit.org

Chkrootkit v0.39a locally checks for signs of a rootkit. Chkrootkit includes ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions, strings.c for quick and dirty strings replacement, check_wtmpx.c to check for wtmpx deletions and the files chkproc.c and chkdirs.c to check for LKM trojans. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x and 4.x, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0.

Changes: Solaris bugs where fixed in chkdirs.c, HP-UX support was added to chkdirs.c, A new Adore version was added to chkproc.c, ps thread error fixed in chkproc.c, a Red Hat 8.0 bug was fixed in chkproc.c and detection for several Slapper variants is added to the package.
tags | tool, trojan, integrity, rootkit
systems | linux, netbsd, unix, solaris, freebsd, openbsd
SHA-256 | c6290a41059d4f3660b135a3cbecaae68e5ad29c3168843f77373a5d6691a710
chkrootkit-0.38.tar.gz
Posted Dec 24, 2002
Authored by Nelson Murilo | Site chkrootkit.org

Chkrootkit locally checks for signs of a rootkit. Includes detection of LKM rootkits, ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x and 4.x, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0.

Changes: chkdirs.c added. chkproc.c improvements. Now includes slapper B, sebek LKM, LOC, and Romanian rootkit detection. new test added: trojan tcpdump. Minor bug fixes in the chkrootkit script.
tags | tool, integrity, rootkit
systems | linux, netbsd, unix, solaris, freebsd, openbsd
SHA-256 | 05b375d49a739715ea4498dc8a321ce52be498a549605eb6d54a8b5313fadead
chkrootkit-0.37.tar.gz
Posted Sep 17, 2002
Authored by Nelson Murilo | Site chkrootkit.org

Chkrootkit locally checks for signs of a rootkit. Includes detection of LKM rootkits, ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x and 4.x, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0.

Changes: New rootkits and worms are now detected - Now looks for 41 different ones including OpenBSD rk v1, Illogic rootkit, and SK rootkit, slapper SSL worm, and FreeBSD scalper worm.. Some bugfixes and improvements were made.
tags | tool, integrity, rootkit
systems | linux, netbsd, unix, solaris, freebsd, openbsd
SHA-256 | 225452edd0039218dbef8e1281881a19422f672c85b9f7ba66194e86edd4ca3b
chkrootkit-0.35.tar.gz
Posted Jan 19, 2002
Authored by Nelson Murilo | Site chkrootkit.org

chkrootkit locally checks for signs of a rootkit. Includes detection of LKM rootkits, ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions. Tested on Linux, FreeBSD, Solaris, and OpenBSD. Tested on Linux 2.0.x, 2.2.x and 2.4.x (any distribution), FreeBSD 2.2.x, 3.x and 4.x, OpenBSD 2.6, 2.7, 2.8, 2.9 and 3.0, Solaris 2.5.1, 2.6 and 8.0.

Changes: Now includes its own strings command, tests for ldsopreload and lsof, new ports added to the bindshell test, and several new rootkits and trojans added, including the RST.b trojan, duarawkz, knark LKM, HiDrootkit, Monkit, Bobkit, Pizdakit, and t0rn v8.0.
tags | tool, integrity, rootkit
systems | linux, unix, solaris, freebsd, openbsd
SHA-256 | 245625e58aa65c130869fc32a8e8c06888ee940e89fad501cb0ae03bfd778566
vulcan.tar.gz
Posted Dec 13, 2001
Authored by Nelson Murilo

Vulcan is a simple tool to identify vulnerabilities in several network services. This is done by comparing initial information from a server (its banners) against a database of vulnerable versions. Databases are included for ssh, http, and ftp versions. Includes NT/2000 executable and unix .c source.

tags | tool, web, scanner, vulnerability
systems | unix
SHA-256 | c2b0ed85772617a1f084b00e128df4dbe08e3ccd40116cfc16e4eaa73e16bb32
chkrootkit-0.33.tar.gz
Posted Jun 9, 2001
Authored by Nelson Murilo | Site chkrootkit.org

chkrootkit locally checks for signs of a rootkit. Includes detection of LKM rootkits, ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions. Tested on Linux, FreeBSD, Solaris, and OpenBSD.

Changes: New tests added - amd, named, egrep, slogin. Detects more works, including ShitC, Omega, Wormkit, dsc-rootkit, and Maniak. A bug in chklastlog was fixed, as were some other misc bugs.
tags | tool, integrity, rootkit
systems | linux, unix, solaris, freebsd, openbsd
SHA-256 | e29c1a0b2dde2068163c77b587c8fbe517fc5f4cedec74a896122def2ccd37dd
chkrootkit-0.30.tar.gz
Posted Mar 27, 2001
Authored by Nelson Murilo | Site chkrootkit.org

chkrootkit locally checks for signs of a rootkit. Includes detection of LKM rootkits, ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions. Tested on Linux, FreeBSD, Solaris, and OpenBSD.

Changes: Now detects RK17 and the lion worm. New tests - Now checks for patched versions of basename, dirname, traceroute, rpcinfo, rexedcs, date, echo, env, timed, identd, pop2, pop3, write, tar, mail, biff, and grep.
tags | tool, integrity, rootkit
systems | linux, unix, solaris, freebsd, openbsd
SHA-256 | ded10ae067d2ad1653ba7b8d67cc5c3c8d994e3edef7bd1dd14a257e0160f21a
chkrootkit-0.23.tar.gz
Posted Mar 16, 2001
Authored by Nelson Murilo | Site chkrootkit.org

chkrootkit locally checks for signs of a rootkit. Includes detection of LKM rootkits, ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions. Tested on Linux, FreeBSD, Solaris, and OpenBSD.

Changes: Lrk6 detection, rh[67]-shaper detection, RSHA detection, Romanian rootkit detection, test for shell history file anomalies, and a better bindshell test.
tags | tool, integrity, rootkit
systems | linux, unix, solaris, freebsd, openbsd
SHA-256 | 4fb32cf69c099e1c1c8fb0a829f0cf20295af56a66ccb91b51642d0d8d5d2baf
chkrootkit-0.21.tar.gz
Posted Jan 24, 2001
Authored by Nelson Murilo | Site chkrootkit.org

chkrootkit locally checks for signs of a rootkit. Includes detection of LKM rootkits, ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions. Tested on Linux, FreeBSD, Solaris, and OpenBSD.

Changes: Detects the Ramen worm, latest t0rnkit, and bug fixes.
tags | tool, integrity, rootkit
systems | linux, unix, solaris, freebsd, openbsd
SHA-256 | c435fd9700ceaa071891150d6134945cfc7d03d4ae79334562567a2b0e0ccbab
chkrootkit-0.19.tar.gz
Posted Dec 27, 2000
Authored by Nelson Murilo

chkrootkit locally checks for signs of a rootkit. Includes detection of LKM rootkits, ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions. Tested on Linux, FreeBSD, Solaris, and OpenBSD.

Changes: Ambient's Rootkit for Linux (ARK) detection, OpenBSD support, xinetd support, new command line options, and bug fixes.
tags | tool, integrity, rootkit
systems | linux, unix, solaris, freebsd, openbsd
SHA-256 | afe99cb3dadecbc1cdf1ac56fab17283b5c7eca9640f4798fd3ff404e05b2234
chkrootkit-0.17.tar.gz
Posted Sep 20, 2000
Authored by Nelson Murilo

chkrootkit V. 0.17 locally checks for signs of a rootkit. Includes detection of LKM rootkits, ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions. Tested on Linux, FreeBSD, and Solaris.

Changes: Add tests for new and popular variations of rootkits, including Tornkit. Now attempts to identify LKM rootkits.
tags | tool, integrity, rootkit
systems | linux, unix, solaris, freebsd
SHA-256 | bc34744b5328306b93b47066622634a50b5c355452a1f2b68495fe700faa53b4
chkrootkit-0.16.tar.gz
Posted Jul 17, 2000
Authored by Nelson Murilo

chkrootkit V. 0.16 locally checks for signs of a rootkit. Includes ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions. Tested on Linux 2.0.x, 2.2.x and FreeBSD 2.2.x, 3.x and 4.0.

Changes: Add tests for new and popular variations of rootkits, better port for Solaris and performance patches.
tags | tool, integrity, rootkit
systems | linux, unix, freebsd
SHA-256 | dce1bb35a3eae94ae776ffa1b6b40a4695555ca9c51dec2103f00d0a70dce590
chkrootkit-0.15.tgz
Posted Jul 4, 2000
Authored by Nelson Murilo

chkrootkit V. 0.15 locally checks for signs of a rootkit. Includes ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions. Tested on Linux 2.0.x, 2.2.x and FreeBSD 2.2.x, 3.x and 4.0.

Changes: lrk5 detection, Sun/Solaris support, and Red Hat fixes.
tags | tool, integrity, rootkit
systems | linux, unix, freebsd
SHA-256 | 9e7692f3446815890da483169ccdc3ecf6042caa923cd3052ced18f3a23e3cde
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close