Twenty Year Anniversary
Showing 101 - 125 of 551 RSS Feed

Trojan Files

Posted Aug 26, 2003
Authored by Drew Copley | Site

eEye Advisory - There is a flaw in Microsoft's primary contribution to HTML, the Object tag, which is used to embed almost all ActiveX into HTML pages. The parameter that specifies the remote location of data for objects is not checked to validate the nature of the file being loaded, and therefore trojan executables may be run from within a web page as silently and as easily as Internet Explorer parses image files or any other safe HTML content. Version affected: Microsoft Internet Explorer 5.01, 5.5, 6.0, and 6.0 for Windows Server 2003.

tags | advisory, remote, web, trojan, activex
systems | windows
MD5 | 9f6eb7569411e2aba0bb119b689e9c2a
Posted Jul 6, 2003
Authored by sloth | Site

Quick analysis of the Mindjail worm being distributed by the trojan sdbot 0.5b.

tags | worm, trojan
MD5 | 2ca02680080ee37930a1466702574257
Posted Apr 5, 2003
Authored by ThreaT | Site

Local exploit/trojan that makes use of REGEDIT.EXE. Any file containing a value of more than 260 characters causes an error exception by the RegSetValueExW function, which then uses a function of NTDLL.DLL which is vulnerable.

tags | exploit, local, trojan
MD5 | 4e0643d6654634b53c7b22b0a871dc54
Posted Feb 2, 2003
Authored by Nelson Murilo | Site

Chkrootkit v0.39a locally checks for signs of a rootkit. Chkrootkit includes ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions, strings.c for quick and dirty strings replacement, check_wtmpx.c to check for wtmpx deletions and the files chkproc.c and chkdirs.c to check for LKM trojans. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x and 4.x, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0.

Changes: Solaris bugs where fixed in chkdirs.c, HP-UX support was added to chkdirs.c, A new Adore version was added to chkproc.c, ps thread error fixed in chkproc.c, a Red Hat 8.0 bug was fixed in chkproc.c and detection for several Slapper variants is added to the package.
tags | tool, trojan, integrity, rootkit
systems | linux, netbsd, unix, solaris, freebsd, openbsd
MD5 | 95c49aae601d402dac063f157de8fb58
Posted Jan 5, 2003
Authored by Ayan Chakrabarti | Site

Guptachar is a remote administration tool which works as a web server - it can be controlled with just a web browser. It has an inbuilt keylogger and an IRCBOT feature. It's tiny with the server executable being less than 50kb in size. Comes free with sources. Archive password is set to p4ssw0rd. Use at your own risk.

tags | remote, web, trojan
MD5 | ca13ad83b042842552df06050a052cbf
Posted Dec 25, 2002
Authored by John Hardin

Email Security through Procmail 1.137 - Email Security through Procmail attempts to address the trend towards "enhancing" email clients with support for active content, which exposes end-users to many and varied threats, by "sanitizing" email: removing obvious exploit attempts and disabling the channels through which exploits are delivered. Facilities for detecting and blocking Trojan Horse exploits and worms are also provided.

Changes: A bug in filename shortening that broke older Perl versions has been fixed. MIME mangling has been changed away from TEXT/PLAIN, as some mailers perform text-related operations on that MIME type, corrupting the attachments.
tags | worm, trojan
systems | unix
MD5 | 6b79032a2a556401269d9db7b382d79c
Posted Dec 16, 2002
Authored by m4rc3l0

Trojan /bin/login.

tags | tool, trojan, rootkit
systems | unix
MD5 | c4467dfbf32a55282b92eaaa055652a9
Posted Dec 11, 2002
Authored by deadbeat

Pc-cillin pop3trap.exe buffer overflow exploit in perl. Return address is off a little making it a denial of service exploit, but could be tweaked to execute shellcode that downloads a trojan.

tags | exploit, denial of service, overflow, trojan, perl, shellcode
MD5 | f8b00015a53191bec894d80a93c87fa5
Posted Dec 8, 2002
Authored by Druid

Linux/OSF-8759 aka Linux/OSF-A Virus Cleaner. This program will scan the filesystem and tell you if you have this virus. When the virus is found, it will disinfect the file and hopefully restore the file to its original form. Includes C source. Archive password is set to p4ssw0rd. Use at your own risk.

tags | trojan, virus
systems | linux
MD5 | 6be1a3d062c0006ddb7054341a4656b3
Posted Nov 30, 2002

CERT Quarterly Summary CS-2002-04 - Popular vulnerabilities being exploited by attackers these days include an Apache/mod_ssl worm, OpenSSL bugs, Trojan horse sendmail, libpcap, and tcpdump, multiple BIND bugs, and a heap overflow in Microsoft MDAC.

tags | worm, overflow, trojan, vulnerability
MD5 | b577896ae5b0e164f58fb07ec0cc609e
Posted Nov 25, 2002
Authored by Itadem

Itadem Trojan v3.0 is a small trojan controlled by a web browser. New features include bug fixes, server can be passworded, and html layout. Archive password is set to p4ssw0rd. Use at your own risk.

tags | web, trojan
MD5 | 11d544e921effc6a8919901969dc70a9
Posted Nov 15, 2002

CERT Advisory CA-2002-30 - Released source code distributions of the libpcap and tcpdump packages were modified by an intruder and contain a trojan horse which, upon compile time, remote grabs a file from a fixed IP address which it then compiles and runs. The binary then goes to a fixed IP address and gets a one character response which enables the remote machine to trigger the spawning of a shell to the remote machine. The backdoor also explicitly ignores all traffic on port 1963.

tags | remote, shell, trojan
MD5 | e54c4be958885a0de93635a5937a757f
Posted Oct 31, 2002

Microsoft Security Advisory MS02-064 - On Windows 2000, the default permissions provide the Everyone group with Full access on the system root folder (typically, C:\). In most cases, the system root is not in the search path. However, under certain conditions - for instance, during logon or when applications are invoked directly from the Windows desktop via Start | Run - it can be, allowing users to make trojans that other users execute.

tags | root, trojan
systems | windows, 2k
MD5 | d8346b72f3f02539a5cfe8cdc2eabd78
Posted Oct 31, 2002
Authored by Stringz

Vaccine.c is a program which will remove the ELF infecting virus Linux.Jac.8759 from binary files. Archive password is set to p4ssw0rd. Use at your own risk.

tags | trojan, virus
systems | linux
MD5 | 67f1299e5fc83c09ab6a02de6117e8cb
Posted Oct 26, 2002

ABFrag claims to be a Linux Kernel ( here. Encrypted with burneye. Archive password is set to p4ssw0rd. Use at your own risk.

tags | kernel, trojan
systems | linux
MD5 | 4ef317e80a0a1a33db854f7c79ab3558
Posted Oct 22, 2002

The Complete Trojans Text. Contents:What Is a Trojan Horse,Trojans Today,The Future Of Trojans,Anti-virus Scanners,How You Can Get Infected -From ICQ,From IRC,From attachment,From Physical Access,From Trick,How Dangerous a trojan can be,Different Kinds Of Trojans,Remote Access Trojans,Password Sending Trojans, Keyloggers,Destructive Trojans,FTP Trojans,Who can Infect you?What is the attacker looking for?How trojans work?The Most COmmon Trojan Ports,Anti-trojans software -Log Monitor,PrcView,XNetStatm,AtGuard,Conseal PC Firewall,LockDown2000,TDS. Archive password is set to p4ssw0rd. Use at your own risk.

tags | remote, trojan, virus
MD5 | 954cb426cc33cf62528ad5960c3b32c4
Posted Oct 10, 2002

CERT Advisory CA-2002-28 - Sendmail 8.12.6 was backdoored on September 28, 2002 to include a trojan which executes commands via outbound port 6667 connections.

tags | trojan
MD5 | f6a94b46de29c16173327843a102489e
Posted Sep 27, 2002
Authored by Dave Aitel | Site

HashDB is a networked md5 hash comparison tool that allows you to automatically check the hashes of any files you download against a master database stored at This allows you to download source tarballs without worrying that they've been replaced by trojaned ./configure files.

tags | trojan
systems | unix
MD5 | 6bac6b8504e5a8d7f6976c1a46d4f55a
Posted Sep 24, 2002
Authored by Lee Bowyer | Site

Bypassing firewalls through protocol stenography - You can often bypass firewalls by using trojans that send commands over port 80.

tags | paper, trojan, protocol
MD5 | dbfc62d0887c5defc5faa2fa4e884a30
Posted Sep 17, 2002

Mirc trojan, as described in Microsoft Knowledge Base Article Q328691.

tags | trojan
MD5 | 89feb01b256a2b899a8b043c21ee7636
Posted Sep 17, 2002
Authored by Bjarni R. Einarsson | Site

The Anomy mail sanitizer is a filter designed to block email-based attacks such as trojans and viruses. It reads an RFC822 or MIME message and removes or renames attachments, truncate unusually long MIME header fields and sanitizes HTML by disabling Javascript and Java. It uses a single-pass pure Perl MIME parser, which can make it both more efficient and more precise than other similar programs and has built-in support for third-party virus scanners.

Changes: Includes support for F-Prot Antivirus for Linux and protection against "message/partial" fragmented message attacks. Lots of minor bugs have been fixed.
tags | trojan, perl, javascript, virus
systems | unix
MD5 | b69cc9df32c81fb9517c6a63f9713303
Posted Sep 7, 2002

Subseven v2.2 remote control trojan. Archive password is set to p4ssw0rd. Use at your own risk.

tags | remote, trojan
MD5 | 8c23e2c26401c907faa2670e6680b5ab
Posted Aug 26, 2002

[TROJ] Ansi Bomb -> Trojan Converter

tags | trojan, virus, bbs
MD5 | bd2f265f717807949ffa2a5a7ec0096d
Posted Aug 26, 2002

tags | remote, trojan, virus, bbs
MD5 | 6cd41055a5cf8f6e0171afcceaae1354
Posted Aug 26, 2002

The Hack Report for February, 1994 A monthly list of potentially dangerous files including hacks, hoaxes, Trojan Horses, and pirated commercial files found posted for download on BBS systems worldwide. SysOps and Users alike may benefit from this report by using it to avoid potentially dangerous files. Compiled by Bill Lambdin

tags | trojan, bbs
MD5 | a1a75da6319373773338227bf548875d
Page 5 of 22

Want To Donate?

Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

May 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    15 Files
  • 2
    May 2nd
    17 Files
  • 3
    May 3rd
    30 Files
  • 4
    May 4th
    29 Files
  • 5
    May 5th
    2 Files
  • 6
    May 6th
    3 Files
  • 7
    May 7th
    13 Files
  • 8
    May 8th
    27 Files
  • 9
    May 9th
    17 Files
  • 10
    May 10th
    15 Files
  • 11
    May 11th
    8 Files
  • 12
    May 12th
    2 Files
  • 13
    May 13th
    8 Files
  • 14
    May 14th
    7 Files
  • 15
    May 15th
    43 Files
  • 16
    May 16th
    19 Files
  • 17
    May 17th
    16 Files
  • 18
    May 18th
    15 Files
  • 19
    May 19th
    3 Files
  • 20
    May 20th
    7 Files
  • 21
    May 21st
    15 Files
  • 22
    May 22nd
    40 Files
  • 23
    May 23rd
    64 Files
  • 24
    May 24th
    55 Files
  • 25
    May 25th
    16 Files
  • 26
    May 26th
    17 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2018 Packet Storm. All rights reserved.

Security Services
Hosting By