Showing 201 - 225 of 525

Rootkit Files

wtmpclean WTMP Modification Tool
Posted Jan 16, 2009
Authored by Davide Madrisan | Site davide.madrisan.googlepages.com

wtmpClean is a tool for Unix which clears a given user from the wtmp database.

Changes: Raw output highly improved. Timestamp preservation. Various other updates.
tags | tool, rootkit
systems | unix
SHA-256 | 06ff390e8f2c60cbef74d220f8da2a1dd9f150cfcec34e73563cf52cb6e2beb6
Rootkit Hunter 1.3.4 Is Released
Posted Dec 31, 2008
Authored by Michael Boelen | Site rootkit.nl

Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.

Changes: The changelog for this release is packed, listing 4 new additions, 8 changes, and 9 bug fixes.
tags | tool, shell, perl, integrity, rootkit
systems | netbsd, unix, solaris
SHA-256 | d85d179850fee8ab04bc1733680c9c6dd8a1577975c12554db9c52bf4f7c50ba
Complemento Penetration Testing Tool Kit
Posted Dec 31, 2008
Authored by crossbower | Site complemento.sourceforge.net

Complemento is a collection of tools for penetration testing. LetDown is a TCP flooder written after reading the Fyodor article "TCP Resource Exhaustion and Botched Disclosure". Reverse raider is a domain scanner that uses brute force wordlist scanning for finding a target's subdomains or reverse resolution for a range of IPs. Httsquash is an HTTP server scanner, banner grabber, and data retriever. It can be used for scanning large ranges of IPs for finding devices or HTTP servers.

tags | tool, web, tcp, rootkit
systems | unix
SHA-256 | 6933bf187c12a9167f4b60b368ae8ab9d19eb3c8cd8421225b57193f574875c1
wtmpclean WTMP Record Modification Utility
Posted Dec 31, 2008
Authored by Davide Madrisan | Site davide.madrisan.googlepages.com

wtmpClean is a tool for Unix which clears a given user from the wtmp database.

Changes: Added username swapping functionality.
tags | tool, rootkit
systems | unix
SHA-256 | fda74d072613a262442900c528b80d31a6a07d31f9a3e533af5953fcabce95c8
Complemento Penetration Testing Kit
Posted Dec 9, 2008
Authored by crossbower | Site complemento.sourceforge.net

Complemento is a collection of tools for penetration testing. LetDown is a TCP flooder written after reading the Fyodor article "TCP Resource Exhaustion and Botched Disclosure". Reverse raider is a domain scanner that uses brute force wordlist scanning for finding a target's subdomains or reverse resolution for a range of IPs. Httsquash is an HTTP server scanner, banner grabber, and data retriever. It can be used for scanning large ranges of IPs for finding devices or HTTP servers.

tags | tool, web, tcp, rootkit
systems | unix
SHA-256 | a9c415af494e5be03b60dde1ffa3bf530546c49c85c8648c3fab1f8a7ec24f93
Hacked Version Of Script
Posted Dec 9, 2008
Authored by Andrea Montanari

Hacked version of script that logs everything typed to /tmp/.x11sock. Based heavily on script.c.

tags | tool, rootkit
systems | unix
SHA-256 | ffaedfe839e7a9bcf9b642da14a75df2d7fe351c1b3e44ff9b7c3b251816b3b0
logtamper_v1_1.tgz
Posted Nov 29, 2008
Authored by xi4oyu

logtamper is a modified version of wtmpclean that also modifies UTMP and lastlog related entries.

tags | tool, rootkit
systems | unix
SHA-256 | 3b91e179a45b5eacb1d5fa151035d3156b4042052dfe386d70c8b77d932f4611
psbot.py.txt
Posted Sep 3, 2008
Authored by Qnix | Site 0x80.org

Psbot is an IRC bot written in Python that allows for remote command execution, connectback functionality, and backdoors to be spawned.

tags | tool, remote, rootkit, python
systems | unix
SHA-256 | 19b5101f1c3bdf98f9f2f07a8b9f2bec6d802f32d23c11cca99b5a7b568b20c9
evilshell.c
Posted Sep 3, 2008
Authored by Simpp

3vilsh3ll is a remote backdoor that shuffles a shell back to a remote host when hit with an ICMP packet that has special settings.

tags | tool, remote, shell, rootkit
systems | unix
SHA-256 | a4a668163c7e61330d54c7d954f4e67c8d4b0cf20bf7c6186e755e7be503d257
c99.tgz
Posted Aug 19, 2008
Authored by Kristo Pher | Site kkteam.co.uk

The Klueless Klowns Team variant of the c99 php shell.

tags | tool, shell, php, rootkit
systems | unix
SHA-256 | 0fe81b489e390113feb7ba02fccf9f98d277d8a6fe930743d7211895dc8acf41
ezmal-0.2.zip
Posted Jul 31, 2008
Authored by microphone8000

EZMal is a Mac OS X Trojan Kit that will attach a persistent bindshell to applications.

tags | tool, trojan, rootkit
systems | unix, apple, osx
SHA-256 | ede6c9e28e6281d843450ff08dfd351c31a3be99c34168bd69790f9c74034168
wtmpclean-0.6.3.tar.bz2
Posted Apr 29, 2008
Authored by Davide Madrisan | Site davide.madrisan.googlepages.com

wtmpClean is a tool for Unix which clears a given user from the wtmp database.

Changes: A couple of new options and some fixes.
tags | tool, rootkit
systems | unix
SHA-256 | 12168d4c3145e0f6b678c55eff6387f687f000f74a0623f34ce53fafff297193
nicelog-1.0.tgz
Posted Apr 24, 2008
Authored by xi4oyu

logtamper is a modified version of wtmpclean that also modifies UTMP and lastlog related entries.

tags | tool, rootkit
systems | unix
SHA-256 | 5dbf4006c99bb31134bc547b72082e90998cd71495487da8ef3897aefd71d69f
3vilSh3ll.c
Posted Mar 19, 2008
Authored by Simpp

Classic backdoor bindshell that is password protected, hides activity, forks, and does all the expected functions of an evil backdoor.

tags | tool, rootkit
systems | unix
SHA-256 | 344dd067c46597172bc90327ee89b098c5816e46349abe086be4e827d488c46c
wtmpclean-0.6.2.tar.bz2
Posted Mar 17, 2008
Authored by Davide Madrisan | Site davide.madrisan.googlepages.com

wtmpClean is a tool for Unix which clears a given user from the wtmp database.

Changes: Moved DEFAULT_WTMP definitions to wtmpclean.h. Some other fixes and updates.
tags | tool, rootkit
systems | unix
SHA-256 | 1bb194e0462be258e681e6bb23043395da5c68ad8b589edd87ec58c79122c450
wtmpclean-0.6.1.tar.bz2
Posted Feb 15, 2008
Authored by Davide Madrisan | Site davide.madrisan.googlepages.com

wtmpClean is a tool for Unix which clears a given user from the wtmp database.

tags | tool, rootkit
systems | unix
SHA-256 | 62646bee1369f825ada1b4dbd2ce791d274d156eac9ed39b290c4839a228a956
wtmpclean-0.6.tar.bz2
Posted Feb 1, 2008
Authored by Davide Madrisan | Site davide.madrisan.googlepages.com

wtmpClean is a tool for Unix which clears a given user from the wtmp database.

tags | tool, rootkit
systems | unix
SHA-256 | 234a8b9af70ef0006f0f5477e9410170516475daccf33211750a951091da4230
m_rev-0.2.c
Posted Jan 30, 2008
Authored by ernie@ernie

A little ptrace()-based utility for process argument/name hiding. Works on most Linux 2.6 kernels/configurations (x86/x86-64 architecture).

tags | tool, x86, kernel, rootkit
systems | linux, unix
SHA-256 | c8189416cea76ef2b7593e1099350b755174245c2e87c027f52dae3aff4fe941
wtmpclean-0.5.tar.bz2
Posted Jan 30, 2008
Authored by Davide Madrisan | Site davide.madrisan.googlepages.com

wtmpClean is a tool for Unix which clears a given user from the wtmp database.

tags | tool, rootkit
systems | unix
SHA-256 | 4c6b6e705a27106b72bb65014c68ecfc5b29348e4c0e38b8725f23d82a2de3ef
wtmpclean-0.4.tar.bz2
Posted Jan 25, 2008
Authored by Davide Madrisan | Site davide.madrisan.googlepages.com

wtmpClean is a tool for Unix which clears a given user from the wtmp database.

tags | tool, rootkit
systems | unix
SHA-256 | a1a62e3e9235bf5899827ff0430ec07ad182570ba5cdb9b3260c0fd30edc4f61
chkrootkit-0.48.tar.gz
Posted Jan 3, 2008
Authored by Nelson Murilo | Site chkrootkit.org

Chkrootkit checks locally for signs of a rootkit. It includes ifpromisc.c to check whether the interface is in promiscuous mode, chklastlog.c to check lastlog for deletions, chkwtmp.c to check wtmp for deletions, strings.c for quick and dirty strings replacement, check_wtmpx.c to check for wtmpx deletions, and chkproc.c and chkdirs.c to check for LKM trojans. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x, 4.x, and 5.x, BSDI, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0, and HP-UX 11.

Changes: New and enhanced tests, minor bug fixes.
tags | tool, trojan, integrity, rootkit
systems | linux, netbsd, unix, solaris, freebsd, openbsd, hpux
SHA-256 | b4b3d3540a7022aa7a81cae93f28c8475bc2660a21f88126725624c09769f1fb
bluediving-0.9.tgz
Posted Dec 28, 2007
Authored by Bastian Ballmann | Site sourceforge.net

Bluediving is a Bluetooth penetration testing suite. It implements attacks like Bluebug, BlueSnarf, BlueSnarf++, BlueSmack, and has features such as Bluetooth address spoofing.

Changes: Minor tools compile bugfixes by fireangel148. Minor compile bugfixes by niekt. Minor menu management / sound check bugfix by niekt. make_tools.sh now compiles redfang. Bugfixes in loop mode.
tags | tool, spoof, rootkit
systems | unix
SHA-256 | 8d9eaac59c9b6d053e51e73ce7afeef74c2480e0e146e1ca16e7aa041b695cf6
matahari-0.1.22.tar.gz
Posted Dec 6, 2007
Authored by Martin Obiols Herrera | Site matahari.sourceforge.net

This is a script to obtain a basic shell remotely on Unix systems behind firewalls. The client gets commands by periodically polling the server and sends the output back after executing them. Traffic traverses the firewall as standard outgoing HTTP GET/POST requests. HTTP requests and responses carry the payload Base64-encoded.

tags | tool, web, shell, rootkit
systems | unix
SHA-256 | bcbe505bee2a0877ae0ac0de00bbeda57cfbcbba46d50332bd6b6a0dde1abf18
rathole-1.2.tar.gz
Posted Nov 30, 2007
Authored by Incognito/STK

RatHole is a Unix backdoor which compiles cleanly on standard Linux and OpenBSD (probably other BSD flavors also) without additional libraries. It features Blowfish encryption, process name hiding, and definition of a preferred shell. It prints no error messages (such as for sockets already bound) because it is supposed to be stealthy. When a client connects to the backdoor, a new shell process and two pipe files are created. The I/O of the shell is duped to the pipes and the daemon encrypts the communication.

tags | tool, shell, rootkit
systems | linux, unix, bsd, openbsd
SHA-256 | fbe5c36d731f754dcc4388d276bef0b3b889807efd52695ac4245bf802edad60
aspxshell.aspx.txt
Posted Nov 13, 2007
Authored by LT

Basic ASP.NET shell that, once uploaded to a server, can be used to execute shell commands and upload, download, and delete files.

tags | tool, shell, rootkit, asp
systems | unix
SHA-256 | abb3ddc945d147a4ed435b71490764bc4a2860f4ad264052f407357911bd6746