Passwd trojan for FreeBSD.
cdd23a2c21d690c20992f80c2ec62f9026e95849ee543c69944edba7a913e4b0
Passwd trojan for IRIX. This trojan logs the username and password, and mails such information to you.
09d660e6270d32cdfff43d868a72322ba1e8dab294bc930609334181ca2f9b3c
Passwd trojan for Linux.
4db56a2c0f204a8959f80a1ffcf2bf945efa79d4229a6248ed56a139d073c0ab
Passwd trojan for Solaris.
ef068708f03fa03d4e1212a40a9379fe4e30c77bae2c0e73b6d1a7b8abed5ae9
Passwd trojan for SunOS4.
6705d48e71bcd62325368a30a22a9fea3ac169cb5d6df54b833142a483c59486
This is the "/.rhosts" backdoor creation daemon, a faked telnetd. If you connect from the specified host to the telnet port of a target host on which this daemon is installed, "/.rhosts" is rewritten to "+ +", and you can log in to the target host with "rlogin target -l root". Of course, the telnetd can be used normally.
c32ec321ca871c53d08c5f8fb36a055972ee9910a8d122593a2f2f31efa11dcf
Very small and useful trojan for Win32. It can be controlled from a general browser. Posted by DP, Nov. 02, 1999. http://members.xoom.com/taisaku/
f6cf31da399b2b0f9dbc5e2e41b1cfa367eaf816fd9fcc243731819dbbf42ef7
In the Penguin Toolbox, I published exploit code that can send and execute a trojan program prepared on the attacker host; this is the server program used by such exploits. This program sends the "*.exe" program to the victim host, and the exploit code executes it.
3785acd89b0627bb0ef8d5130be987022c5b53f167ba149a946ecd9ecf90d7f0
This is a simple half-open and stealth TCP port scanner. In half-open mode, this program can recognize the OS type of the target host.
32e709a661e220b738d8af8a04858a9eada7064b9ef38ccedab2e39d546a9dac
If you install the ps faker, ifconfig faker, and HRS, those programs will be smaller than the original commands. This program adjusts the size of an executable program to avoid the size check.
2413610b36dcae7b4fba1e18c2f42262d83be3f8ecfc23618f09a66ace891e30
SU trojan for Digital.
f864eead797fb8ef81bfa7a1ebcd0e0493d4376e36a4cf31aff05b0607f7977e
SU trojan for IRIX. This trojan logs passwords. If you install the su trojan correctly, the first "su" by a local user or admin fails, and the password entered into the su trojan is logged to the specified file.
b9a61aed270653dede216eaf5ac1c259c5ea5419f9ee880e78b1b886f82ed8d5
SU trojan for Solaris 2.4.
7d451e5c81e8a9f61f40a23f691d0dbec1c4886050391aaf2366daa9bfa85f92
SU trojan for Solaris 2.5.
55fb124bfca319c507f664170de672439a7c1d8d4cca67cebf1f05fef5b415dd
SU trojan for SunOS4
4938fe0ec4e5d98391a438fef24aaf9aa7237fd94200a3cdf7746374df1a81cd
SU Trojan Ver2.00
8e2561a86b87d67b0c8aaf035c96eb3b514b397b8adcd4f3282ce1769b701c7b
Patch for tcpdump 3.4 to dump packets as ASCII characters. Posted by TIP (webmaster@filez.org), Sep. 20, 1999. http://filez.org/
567208256813ad7ca4e9a37ad83d103c956ff7351eeb18934c1e686490012493
This is a backdoor program which can be accessed remotely as telnetd. TDM cannot use the telnet, rlogin, and ftp commands, but this backdoor can use such commands. However, you have to specify the correct return code in the telnet client. If you cannot change the return code, the "CR" code will be added and sent, so you type ";" at the tail of your command.
64704ae0154649437e7a802c9cf79bf59162f704f6d62c5226fda356a3d9e97e
This is a backdoor program which can be accessed remotely as telnetd. You can log in without a username and password to a host on which this program is installed. This program can also be used as a CGI program: if you send the compiled binary and change the permission to 755, you can use UNIX shell commands on an ISP that doesn't accept shell accounts.
ba8473ce86555572052efc2540c52cbe9ac33dc41a08daf855dc0478fbd66e32
This is a UDP-based backdoor which supports UNIX shell commands. Generally, UDP packets are not checked by poor firewalls and packet screening programs, so this program is useful in such environments.
2e10df96931abc5c45deec213530080deb25ba1067ab8ff8c1fb756156fc9803
This is a simple UDP port scanner based on ICMP.
314c414c2bd72da0ebbe9cdc1fb71e743021f8b7b697f033d333a4eaf7e345c0
General log wipers write a null entry to the logfiles, so the admin can check the traces of wiping. This log wiper wipes the log entries of wtmp, wtmpx, utmp, utmpx, and lastlog without such traces. This utility can also reconstruct zapped logs and remove the null entries. The usage is the same as zap.
0e94ee8b379096446305b29244172ec0210e88ab446a46592575545865b7a9fe
This utility replaces entries in the UNIX logfiles /var/adm/utmp, utmpx.
34abd14218f3e491e5f0bb6ab18982b639e88982bf671b1a9d6440021dc99c36
This is a general log wiper for Solaris, SunOS, IRIX, Linux, and FreeBSD.
005023c66ef99e3f03ac1e3670464cdaa9c46893d30f92fcb7f5605e2eb682fa
If you install a sniffer on SunOS, the admin can tell that the sniffer is installed by using the ifconfig command. This program fakes the ifconfig command so that the PROMISC message is not shown.
6f65796d9af8de0a7ceea28433d088ca97aec05d98810909a7e7ff4413e4b79c