exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 151 - 175 of 524 RSS Feed

Rootkit Files

Small Python Backdoor
Posted Jan 21, 2012
Authored by Reflex

This is a very small backdoor written in Python.

tags | tool, rootkit, python
systems | unix
SHA-256 | d0baeea38076b6dcda8e266effbaece56f3447f95f42e03b5da43c0f47bbafef
Priv8 2012 Bypass Shell
Posted Jan 16, 2012
Authored by izleyici

This is a php shell that offers various connect-back methods, the ability to read files, grab source, execute code, etc.

tags | tool, shell, php, rootkit
systems | unix
SHA-256 | 65024e9ae949507819c9344a2e134ff406e24c6e2a54ded2dab8ef8e6e7d1f83
Log2Command 1.0
Posted Jan 2, 2012
Site it.sverigedemokraterna.se

log2command is a PHP script that tracks IPs in log files and executes shell commands per each IP. log2command was created as a sort of reverse fail2ban or cheap VPN-firewall: a machine with a closed firewall can be told, by a foreign machine, to accept connections from a specific IP. log2command then keeps track of the webserver log file and watches for inactivity from the user's IP. After an amount of time another command is executed that can remove the user's IP from the firewall, closing down the machine again. The PHP script is a command-line program that can be run in the background.

tags | tool, shell, php, rootkit
systems | unix
SHA-256 | df3d9c8ed704fef75b0299e0e7a5d3f53ce40512cc6b54ed3e1432b1ad72df36
KBeast (Kernel Beast) Linux Rootkit 2012
Posted Jan 1, 2012
Authored by IPSECS

KBeast (Kernel Beast) 2012 is a Linux rootkit that hides the loadable kernel module, hides files and directories, hides processes, hides sockets and connections, performs keystroke logging, has anti-kill functionality and more.

tags | tool, kernel, rootkit
systems | linux, unix
SHA-256 | 63f6b4bc4339137a2e0815584ec2c392125bf6d3a2e797f3285be98719fd091b
WeBaCoo (Web Backdoor Cookie) 0.2
Posted Dec 19, 2011
Authored by Anestis Bechtsoudis | Site github.com

WeBaCoo (Web Backdoor Cookie) is a web backdoor script-kit, aiming to provide a stealth terminal-like connection over HTTP between client and web server. It is a post exploitation tool capable to maintain access to a compromised web server. WeBaCoo was designed to operate under the radar of modern up-to-dated AV, NIDS, IPS, Network Firewalls and Application Firewalls, proving a stealth mechanism to execute system commands to the compromised server. The obfuscated communication is accomplished using HTTP header's Cookie fields under valid client HTTP requests and relative web server's responses.

Changes: Built in Tor proxy support. New random delimiter string for each request. Various other updates.
tags | tool, web, rootkit
systems | unix
SHA-256 | 8e6fe6a513916c776350b0cbff29427e8719a4d3095dfe4fdd3b4ad34e3bde2e
WeBaCoo (Web Backdoor Cookie) 0.1.2
Posted Dec 9, 2011
Authored by Anestis Bechtsoudis | Site github.com

WeBaCoo (Web Backdoor Cookie) is a web backdoor script-kit, aiming to provide a stealth terminal-like connection over HTTP between client and web server. It is a post exploitation tool capable to maintain access to a compromised web server. WeBaCoo was designed to operate under the radar of modern up-to-dated AV, NIDS, IPS, Network Firewalls and Application Firewalls, proving a stealth mechanism to execute system commands to the compromised server. The obfuscated communication is accomplished using HTTP header's Cookie fields under valid client HTTP requests and relative web server's responses.

tags | tool, web, rootkit
systems | unix
SHA-256 | 6e46638034d12ee47a4a4955583b5065ffc4d0142d553c15fc90abbf42ca5b89
Jynx Kit Userland Rootkit
Posted Oct 17, 2011
Authored by ErrProne

Jynx Kit is a LD_PRELOAD userland rootkit. Fully undetectable from chkrootkit and rootkithunter. Includes magic packet SSL reverse back connect shell. Solid building block for further LD_PRELOAD rootkits.

tags | tool, shell, rootkit
systems | unix
SHA-256 | bbeb032e2f9929a6af65472aee0188c9962b2569eed6ca4c4d073142f10ab850
PHP SST Sheller 1.0
Posted Oct 16, 2011
Authored by Amir Masoud

This is simply a PHP shell with a bunch of features like spoofing mail, file uploads, and more.

tags | tool, shell, spoof, php, rootkit, file upload
systems | unix
SHA-256 | 4b62d88653f707028740984998a846bce54234865cd62cec045e7c6dffb125ed
Perl CGI Shell
Posted Oct 15, 2011
Authored by Marshall Whittaker

This is a Perl CGI backdoor that provides shell-like capability.

tags | tool, shell, cgi, perl, rootkit
systems | unix
SHA-256 | 09fc7f09f2300df12f0b671a4184d8050707a0d7248afe5344459a60b8ed9388
Knull Shell Alpha1
Posted Oct 1, 2011
Authored by knull | Site leethack.info

Knull Shell Alpha1 is a PHP shell that has bind, reverse, and backpipe shells.

tags | tool, shell, php, rootkit
systems | unix
SHA-256 | ad77bcbd30f3d90fdb9ea4fa2d171918170d050e6362eb389985fee2e78fd1ef
Ani-Shell 1.4 PHP Shell
Posted Sep 22, 2011
Authored by Aneesh Dogra

Ani-Shell is a simple PHP shell with some unique features like a mass mailer, ddoser, connect-back shell, bind shell, and various other features.

tags | tool, shell, php, rootkit
systems | unix
SHA-256 | 5d436e5e3f0f9049b1f6c13ff1c3e8d6533281bd4fb1495f94866b260b5e0b5a
Turtle FreeBSD Rootkit 2
Posted Aug 28, 2011
Authored by WarGame

Turtle rootkit for FreeBSD. This kernel module hooks unlink() so the protected file cannot be deleted, hooks kill() so the protected process cannot be killed, and has various other nice bells and whistles.

Changes: This rootkit now hides processes and has a remote shell over ICMP packets.
tags | tool, kernel, rootkit
systems | unix, freebsd
SHA-256 | 5d9c7ea1f5b26a22623fcf4d3cef0c6fe8dce24ab8d206098990fb0f90ad98ce
H4ckCity Auto T00ls 1.0
Posted Aug 24, 2011
Authored by Farbod Mahini | Site h4ckcity.org

This perl script performs a variety of auto-rooting and shell install attempts on a given host once a shell is obtained.

tags | tool, shell, root, perl, rootkit
systems | unix
SHA-256 | b0cc1594ea4f50c159650a89af0baaf2a3e7692cd196414dd2e258a9403aebe6
GotRoot Shell Script
Posted Aug 9, 2011
Authored by Codeine

This post-escalation bash script sanitizes 29 logs, adds a root user, and allows for package installation including hashcat, nmap, and more. Written for Ubuntu.

tags | tool, root, rootkit, bash
systems | linux, unix, ubuntu
SHA-256 | dbcfe980157abcbf52b90ed25f13f5a5ca5b90bf4ec49c9d58423b69de944a14
H4ckcity Sheller Code And Tutorial
Posted Aug 7, 2011
Authored by 2MzRp, LocalMan | Site h4ckcity.org

This archive has the H4ckcity PHP backdoor script along with a tutorial written in Persian.

tags | tool, php, rootkit
systems | linux, unix
SHA-256 | 8ebfc9a80c59fc7685830768e0b0e61b40167f043d648478e5de84c59a300d6e
Mini PHP Shell 27.9-2
Posted Jul 31, 2011
Authored by jos_ali_joe

Mini PHP Shell is your typical backdoor script that allows for connect back and more. This is the second version of this code.

tags | tool, shell, php, rootkit
systems | linux, unix
SHA-256 | eb6f1019f07d380f45838dfde45f359549911f171c4ee66a905a4cce2f907d52
SyRiAn Sh3ll 7
Posted Jul 6, 2011
Authored by SyRiAn_SnIpEr, SyRiAn_34G13, Darkness Caesar

SyRiAn Sh3ll is a PHP backdoor that allows for database access, local exploitation of the host, and more.

tags | tool, local, php, rootkit
systems | linux, unix
SHA-256 | 0e7f6e9c57da41f9316262dc22b4b3227f52c30f15747639a8780ab3c18c4fa8
Linux Log Eraser 1.0
Posted Jun 24, 2011
Authored by b0nd

Linux Log Eraser is a set of shell scripts that will cleanly search for specific data in log files and wipe it.

tags | tool, shell, rootkit
systems | linux, unix
SHA-256 | 95e5b4de0d464237f30ee46db6a927d32413a09a1920196afceecda3fb7df6f0
Viper Auto-Rooting Script
Posted Jun 16, 2011
Authored by Bl4ck.Viper

This is the Viper auto-rooting script that is written for Linux, SunOS, Mac OS X, and FreeBSD.

tags | tool, root, rootkit
systems | linux, unix, solaris, freebsd, apple, osx
SHA-256 | 5c2ab18173e0e9d1c12ceccdd9635d100e00896d535a7816b65d5b030a8c0d1a
Complemento Penetration Tools 0.7.7.2
Posted Jun 15, 2011
Authored by crossbower | Site complemento.sourceforge.net

Complemento is a collection of tools for penetration testing. LetDown is a TCP flooder written after reading the Fyodor article "TCP Resource Exhaustion and Botched Disclosure". Reverse raider is a domain scanner that uses brute force wordlist scanning for finding a target's subdomains or reverse resolution for a range of IPs. Httsquash is an HTTP server scanner, banner grabber, and data retriever. It can be used for scanning large ranges of IPs for finding devices or HTTP servers.

Changes: Various updates.
tags | tool, web, tcp, rootkit
systems | unix
SHA-256 | 01cec2d94c04ad80540724c9d1a4dcd23cc5c4d7af0fd832e9e85cb729918512
Ncom Libcall Hijacking Rootkit
Posted Mar 27, 2011
Authored by Alessandro Grassi

Included in this archive is a private rootkit found in the wild that uses libcall hijacking. A detailed research analysis of how it functions has been created and is in the ncom.txt file.

tags | tool, rootkit
systems | unix
SHA-256 | 796fea476f1404100a509b2b4c0c463f28d539d1bb611efada016038aad1d7a1
Mini PHP Shell 27.9
Posted Jan 16, 2011
Authored by jos_ali_joe

This is a mini PHP shell backdoor.

tags | tool, shell, php, rootkit
systems | unix
SHA-256 | ce3727dee0bfe24748ff55a754c2baf9af611303b49bad0a39c00e4cafd407c3
Rootkit Discovered On Debian Lenny Host Post Exim Compromise
Posted Dec 17, 2010
Site reddit.com

This tarball was discovered on a compromise Debian Lenny host after it was compromised via the recent remote root Exim vulnerability. It includes binaries such as the MIG logcleaner, backdoored versions of top, uptime, free, pgrep and more. Please note that a thorough analysis of these binaries has not been performed and they must be considered unsafe and untrustworthy. Only use the enclosed contents for research purposes. Further details regarding this rootkit can be obtained via the reddit site link.

tags | tool, remote, root, rootkit
systems | linux, unix, debian
SHA-256 | 6a324fcebd39bee3df601a2c0bae779d4238f227c025bef29ca33382ddbcd665
Rootkit Hunter 1.3.8
Posted Nov 18, 2010
Authored by Michael Boelen | Site rootkit.nl

Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.

Changes: The change log lists 24 bug fixes, 29 changes and 18 new items.
tags | tool, shell, perl, integrity, rootkit
systems | netbsd, unix, solaris
SHA-256 | fb1fb8bac53bab476142b5556140c59d589bc0f45d3dc058f400f2edada77a33
ITSecTeam Shell 2.1
Posted Nov 2, 2010
Authored by ItSecTeam

This is a backdoor PHP shell from ITSecTeam. It can execute system commands, bypass various controls, connects to common databases and edits files and directories.

Changes: Various clean-up. Added server information, system drive listing and more.
tags | tool, shell, php, rootkit
systems | unix
SHA-256 | ae3a70be5946b093e55e474cf25408d6390702e587d8d5b24404f442be5ddbd5
Page 7 of 21
Back56789Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close