
Trojan Files

Technical Cyber Security Alert 2005-189A
Posted Jul 9, 2005
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA05-189A - There is apparently a heightened number of direct email attacks in which trojans are passed to unsuspecting users. The emails are very well crafted and are directed specifically at the users they are sent to.

tags | advisory, trojan
MD5 | ce42c70ef473032b039446dfc97d22eb
chkrootkit-0.45.tar.gz
Posted Apr 18, 2005
Authored by Nelson Murilo | Site chkrootkit.org

Chkrootkit checks locally for signs of a rootkit. Chkrootkit includes ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions, strings.c for quick and dirty strings replacement, check_wtmpx.c to check for wtmpx deletions and the files chkproc.c and chkdirs.c to check for LKM trojans. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x, 4.x, and 5.x, BSDI, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0, and HP-UX 11.

Changes: Various improvements, minor bug fixes.
tags | tool, trojan, integrity, rootkit
systems | linux, netbsd, unix, solaris, freebsd, openbsd, hpux
MD5 | 57493e24ca81750a200d8bcb4049e858
p3scan-2.0.tar.gz
Posted Jan 22, 2005
Authored by laitcg | Site p3scan.sourceforge.net

Pop 3 scan is a full transparent proxy server for POP3 clients. It runs on a Linux box with iptables (for port redirection). It can be used to provide POP3 email scanning from the Internet to any internal network, and is ideal for helping to protect your Other OS LAN from harm, especially when used in conjunction with a firewall and other Internet proxy servers. It is designed to enable scanning of incoming email messages for viruses, worms, trojans, spam, and harmful attachments. Because viewing HTML email can enable a spammer to validate an email address (via Web bugs), it can also provide HTML stripping.

tags | worm, web, trojan
systems | linux, unix
MD5 | 994a47f8982f40a954e97f3c3d808bab
grams.html
Posted Nov 13, 2004
Authored by Joe Stewart | Site lurhq.com

Full analysis of the Win32.Grams trojan. It differs from previous E-Gold phishing trojans in that it does not steal credentials; instead, it uses the victim's own browser to siphon all the E-Gold directly from their account to another E-Gold account, using OLE automation. This would completely bypass all the new authentication methods financial institutions are using to thwart keystroke loggers/password stealers, because the trojan simply lets the user do the authentication, then takes over from there.

tags | paper, trojan, virus
systems | windows
MD5 | 595a24440e3a2c58515e37bc9c53b38e
chkrootkit-0.44.tar.gz
Posted Nov 10, 2004
Authored by Nelson Murilo | Site chkrootkit.org

Chkrootkit checks locally for signs of a rootkit. Chkrootkit includes ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions, strings.c for quick and dirty strings replacement, check_wtmpx.c to check for wtmpx deletions and the files chkproc.c and chkdirs.c to check for LKM trojans. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x, 4.x, and 5.x, BSDI, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0, and HP-UX 11.

Changes: del counter fixed, better support for Linux threads, Madalin now detected, lots of minor bug fixes.
tags | tool, trojan, integrity, rootkit
systems | linux, netbsd, unix, solaris, freebsd, openbsd, hpux
MD5 | d1ea2951dfaa76aed3ce8554c0769626
FakeRedhatPatchAnalysis.txt
Posted Oct 27, 2004
Site k-otik.com

A full analysis of the fake Fedora-Redhat security alert with trojan source code.

tags | advisory, trojan
systems | linux, redhat, fedora
MD5 | afe97363f72f5d2da14e92ba4526ef65
hitb04-captain-crunch-02.pdf
Posted Oct 23, 2004
Site conference.hackinthebox.org

HITB (Hack In The Box) 2004 Presentation by John Draper (Captain Crunch): "Security Threats from Spamming" (part 2). Discusses security issues related to the spybots and trojans typically used by spammers, when the same spybots and trojans are used by more malicious / underground hackers.

tags | trojan
MD5 | a7df3435bb1d6e8d4f1d3736507aabf2
hitb04-captain-crunch-01.pdf
Posted Oct 23, 2004
Site conference.hackinthebox.org

HITB (Hack In The Box) 2004 Presentation by John Draper (Captain Crunch): "Security Threats from Spamming" (part 1). Discusses security issues related to the spybots and trojans typically used by spammers, when the same spybots and trojans are used by more malicious / underground hackers.

tags | trojan
MD5 | 16b4843a0e111977e560688812baac9c
p3scan-1.0.tar.gz
Posted Sep 21, 2004
Authored by laitcg | Site p3scan.sourceforge.net

Pop 3 scan is a full transparent proxy server for POP3 clients. It runs on a Linux box with iptables (for port redirection). It can be used to provide POP3 email scanning from the Internet to any internal network, and is ideal for helping to protect your Other OS LAN from harm, especially when used in conjunction with a firewall and other Internet proxy servers. It is designed to enable scanning of incoming email messages for viruses, worms, trojans, spam, and harmful attachments. Because viewing HTML email can enable a spammer to validate an email address (via Web bugs), it can also provide HTML stripping.

tags | worm, web, trojan
systems | linux, unix
MD5 | d5d354f85727667e781bc5e05e4ffb4d
html-trap.procmail.1.145.gz
Posted Sep 21, 2004
Authored by John Hardin | Site impsec.org

Email Security through Procmail 1.145 - Email Security through Procmail attempts to address the trend towards "enhancing" email clients with support for active content, which exposes end-users to many and varied threats, by "sanitizing" email: removing obvious exploit attempts and disabling the channels through which exploits are delivered. Facilities for detecting and blocking Trojan Horse exploits and worms are also provided.

Changes: Various bug fixes.
tags | worm, trojan
systems | unix
MD5 | 4c238be4a482900ad0414eedeb347be7
backdoor-list.txt
Posted Aug 31, 2004
Authored by Klemster, indiasec | Site indiasec.com

List of the best-known backdoors and the ports they use. It has 130 different trojans and more than 150 ports listed.

tags | trojan
MD5 | cd1a49aa433809e5d42843932e23dfbe
abouttrojans.txt
Posted Aug 31, 2004
Authored by Klemster, indiasec | Site indiasec.com

White paper discussing Windows trojans. Written for newbie home PC users.

tags | trojan
systems | windows
MD5 | faa411ac4be1571c679715825909e403
scob.trojan.zip
Posted Jun 28, 2004
Site k-otik.com

Full source code of the Scob trojan downloader. Archive password is set to p4ssw0rd. Use at your own risk.

tags | trojan
MD5 | a9856c91e925fe7ef8f8649bfcd87b75
syscheck-0.6.3.tgz
Posted Jun 25, 2004
Authored by steveg | Site stevegcentral.com

Syscheck version 0.6.3 is a utility for performing sanity checking on system files, services, and ports. It attempts to identify any trojans or rootkits that may be in use and also looks for vulnerable installed software. ELF binary included.

tags | trojan
systems | unix
MD5 | 647cdd7de4f71fdd4db378e98b304412
analysis.tgz
Posted Jun 8, 2004
Authored by Jelmer Kuperus

Complete analysis of the 180 Solutions trojan along with exploitation tools that demonstrate at least two new unpublished vulnerabilities in Microsoft Internet Explorer 6 that allow for arbitrary code execution.

tags | exploit, arbitrary, trojan, vulnerability, code execution
MD5 | 3673f2d74f6184a4a126bf6b2228c59f
boclient-1.3.1.tar.gz
Posted May 21, 2004
Authored by Dobrica Pavlinusic, Omega

boclient 1.3.0 - boclient is a remote windows administration tool which uses BackOrifice or NetBus servers on Windows. It is an improvement of version 1.21. Most recent versions have GNU readline support, NetBus commands, portability to other platforms (BeOS, QNX and 64bit architectures like Alpha) and async network I/O. Archive password is set to p4ssw0rd. Use at your own risk.

Changes: Initial non-developer release.
tags | remote, trojan
systems | windows, beos
MD5 | 9eba0ef738d56dd4491716ee49767b03
SecureServ-1.2.tar.gz
Posted Feb 21, 2004
Authored by Justin | Site neostats.net

SecureServ is an IRC trojan detector. It is much like a virus scanner, but aimed at IRC networks. Using several methods, including version checks, behavior analysis, and general pattern matching, it aims to detect trojans, viruses, and floodbots which connect to your IRC network.

Changes: Various bug fixes and enhancements for current functionality.
tags | trojan, virus
MD5 | 0d08427d3d05356a11667f8e9208412f
SecureServ-1.1.tar.gz
Posted Feb 8, 2004
Authored by Justin | Site neostats.net

SecureServ is an IRC trojan detector. It is much like a virus scanner, but aimed at IRC networks. Using several methods, including version checks, behavior analysis, and general pattern matching, it aims to detect trojans, viruses, and floodbots which connect to your IRC network.

tags | trojan, virus
MD5 | 27fe83af595cd45aef2a2ddd73b75d25
systemsearcher.tgz
Posted Feb 6, 2004
Authored by ByteBeater | Site geektown.de

SystemSearcher is a Linux security scanner written in Perl. It scans single hosts or subnets for anonymous FTP servers, TFTP servers, SMTP servers which allow relaying, SSH servers, Telnet servers, NFS servers with exported directories, mail servers, Web servers (HTTP/HTTPS), well-known trojan ports, and exploitable CGIs. You can also scan a list of specific servers and specific ports. It uses non-blocking socket communication with a 3-second socket timeout. It can also scan for proxy servers which are open to the world (on port 80, 8080, 1080, or 3128), and SMB servers or Windows boxes sharing directories.

tags | tool, web, cgi, scanner, trojan, perl
systems | linux, windows, unix
MD5 | bc0ace69b5648e351d559893bfa25129
netbusWeb.txt
Posted Jan 23, 2004
Authored by Rafel Ivgi | Site theinsider.deep-ice.com

The NetBus web server that comes as part of the trojan is susceptible to a directory listing and remote file upload vulnerability when a trailing / or ./ is appended to the URL.

tags | exploit, remote, web, trojan, file upload
MD5 | 2624c5acf74b527be57358fb2e4904c5
Back_orifice.EXE
Posted Jan 8, 2004
Authored by Cirucorporation

This is a hacked version of back orifice which has been changed with ResHack so it is not yet detectable as a trojan. Archive password is set to p4ssw0rd. Use at your own risk.

tags | trojan
MD5 | a53b56c7f27fbbce6e97ccae99543f7e
chkrootkit-043.tar.gz
Posted Jan 6, 2004
Authored by Nelson Murilo | Site chkrootkit.org

Chkrootkit v0.43 locally checks for signs of a rootkit. Chkrootkit includes ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions, strings.c for quick and dirty strings replacement, check_wtmpx.c to check for wtmpx deletions and the files chkproc.c and chkdirs.c to check for LKM trojans. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x, 4.x, and 5.x, BSDI, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0, and HP-UX 11.

Changes: Better PROMISC mode detection on newer Linux kernels, new CGI backdoors detected, new rootkits added, and minor bug fixes.
tags | tool, trojan, integrity, rootkit
systems | linux, netbsd, unix, solaris, freebsd, openbsd, hpux
MD5 | 08646b9bf3a9dc45c25a40946962a839
kstat24_v1.1-2.tgz
Posted Dec 1, 2003
Authored by s0ftpj, FuSyS | Site s0ftpj.org

Kernel Security Therapy Anti-Trolls (KSTAT) is a very powerful security tool to detect many kinds of rogue kernel rootkits. It analyzes the kernel through /dev/kmem and detects modified syscalls as well as various other problems. This version runs on 2.4.x only, and can assist in finding and removing trojan LKMs. It supports network socket dumps, sys_call fingerprinting, stealth module scanning, and more.

tags | kernel, trojan
MD5 | 96954a3d4b4dd623480b5ed05a7b7523
chkrootkit-0.42b.tar.gz
Posted Nov 11, 2003
Authored by Nelson Murilo | Site chkrootkit.org

Chkrootkit v0.42b locally checks for signs of a rootkit. Chkrootkit includes ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions, strings.c for quick and dirty strings replacement, check_wtmpx.c to check for wtmpx deletions and the files chkproc.c and chkdirs.c to check for LKM trojans. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x, 4.x, and 5.x, BSDI, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0, and HP-UX 11.

Changes: Fixed NPTL threading mechanisms, minor corrections, chkrootkit, a new test (vdir), detection of the worms 55808.A and TC2, and detection of the rootkits Volc, Gold2, Anonoying, Suckit (improved), and ZK (improved). Fixed bugs and added BSDI support.
tags | tool, trojan, integrity, rootkit
systems | linux, netbsd, unix, solaris, freebsd, openbsd, hpux
MD5 | b708c13663b784db1b1e675279707f7e
Milleniumv1_0_Removal.zip
Posted Sep 21, 2003
Authored by Soner EKER | Site sonereker.net

Millenium v1.0 is a tool that easily finds and removes the Millenium v1.0 Trojan from an infected system. Delphi source code included. Archive password is set to p4ssw0rd. Use at your own risk.

tags | trojan
MD5 | bfec6a780e0782728c97a33923619390