exploit the possibilities
Showing 101 - 125 of 585 RSS Feed

Trojan Files

html-trap.procmail-1.150.gz
Posted Jan 15, 2006
Authored by John Hardin | Site impsec.org

Email Security through Procmail attempts to address the trend towards "enhancing" email clients with support for active content, which exposes end-users to many and varied threats, by "sanitizing" email: removing obvious exploit attempts and disabling the channels through which exploits are delivered. Facilities for detecting and blocking Trojan Horse exploits and worms are also provided.

Changes: Fix the unrar executable check so that it does not test for unrar if RAR scanning is already explicitly disabled by $DISABLE_RAR_SCAN. Fix recipient notification so that it will now work on relays.
tags | worm, trojan
systems | unix
MD5 | 7e6ffe3b86e2e192c212b6cc699d3e67
DMA-2006-0112a.txt
Posted Jan 15, 2006
Authored by Kevin Finisterre | Site digitalmunition.com

Using ussp-push from the Toshiba Bluetooth Stack versions 4.00.23(T) and below, an attacker can place a trojaned file anywhere on the filesystem.

tags | exploit, trojan
MD5 | 13c47dbcf05a5bc3f1fedca80adbb8b8
SA-20051223-0.txt
Posted Dec 29, 2005
Authored by SEC Consult | Site sec-consult.com

SEC Consult Security Advisory 20051223-0 - OracleAS Discussion Forum Portlet suffers from multiple Cross Site Scripting vulnerabilities. E.g. it is possible to create relogin trojans, steal session cookies, alter the content of the site or hide articles which don't show up in the overview page.

tags | advisory, trojan, vulnerability, xss
MD5 | c09f976f74b323a3b69215d45d934089
digsig-1.3.2.tar.gz
Posted Nov 20, 2005
Site sourceforge.net

DigSig kernel load module checks the signature of a binary before running it. It inserts digital signatures inside the ELF binary and verifies this signature before loading the binary. It is based on the Linux Security Module hooks (standard in main stream Linux kernel 2.5.66 and higher). Therefore, it improves the security of the system by avoiding a wide range of malicious binaries like viruses, worms, Trojan programs, and backdoors from running on the system.

tags | worm, kernel, trojan
systems | linux
MD5 | 7636bc6cfe7bf8593a2323034d55f38a
p3scan-2.3.1.tar.gz
Posted Nov 20, 2005
Authored by laitcg | Site p3scan.sourceforge.net

Pop 3 scan is a full transparent proxy server for POP3 clients. It runs on a Linux box with iptables (for port redirection). It can be used to provide POP3 email scanning from the Internet to any internal network, and is ideal for helping to protect your Other OS LAN from harm, especially when used in conjunction with a firewall and other Internet proxy servers. It is designed to enable scanning of incoming email messages for viruses, worms, trojans, spam, and harmful attachments. Because viewing HTML email can enable a spammer to validate an email address (via Web bugs), it can also provide HTML stripping.

Changes: Bug fix release.
tags | worm, web, trojan
systems | linux, unix
MD5 | c1ce98fd1fe2220ef9838eb97ae38300
p3scan-2.2.1.tar.gz
Posted Sep 23, 2005
Authored by laitcg | Site p3scan.sourceforge.net

Pop 3 scan is a full transparent proxy server for POP3 clients. It runs on a Linux box with iptables (for port redirection). It can be used to provide POP3 email scanning from the Internet to any internal network, and is ideal for helping to protect your Other OS LAN from harm, especially when used in conjunction with a firewall and other Internet proxy servers. It is designed to enable scanning of incoming email messages for viruses, worms, trojans, spam, and harmful attachments. Because viewing HTML email can enable a spammer to validate an email address (via Web bugs), it can also provide HTML stripping.

Changes: Made TOP command processing an option. Fixed ability to not use ripmime library. Various other tweaks.
tags | worm, web, trojan
systems | linux, unix
MD5 | f7fcbc39050c193e5a334a61d38b5d49
Xcon2005_CoolQ.pdf
Posted Aug 31, 2005
Authored by CoolQ | Site xcon.xfocus.org

Xcon 2005: Advanced trojans in Grub

tags | trojan
MD5 | 1641a80c8e392fad75dd36a94e3bf62e
rt-sa-2005-014.txt
Posted Aug 26, 2005
Authored by RedTeam Pentesting | Site redteam-pentesting.de

The new iTAN security feature for online banking promoted by german banks does not protect against phishing attacks and trojans as claimed.

tags | advisory, trojan
MD5 | 5682bd253e59cf397473750eb8b43d52
Evil.Shell.Backdoor_1.0.5.c
Posted Aug 26, 2005
Authored by Lympex | Site l-bytes.tk

Password protected windows bind/reverse shell backdoor written in Visual C++ Archive password is set to p4ssw0rd. Use at your own risk.

tags | shell, trojan
systems | windows
MD5 | 0475009407cb1326228f33e0edd9b896
Technical Cyber Security Alert 2005-189A
Posted Jul 9, 2005
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA05-189A - Apparently there is a heightened amount of direct email attacks where trojans are being passed to unsuspecting users. The emails being sent are very well crafted and are directed specifically to the users they are being sent to.

tags | advisory, trojan
MD5 | ce42c70ef473032b039446dfc97d22eb
chkrootkit-0.45.tar.gz
Posted Apr 18, 2005
Authored by Nelson Murilo | Site chkrootkit.org

Chkrootkit checks locally for signs of a rootkit. Chkrootkit includes ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions, strings.c for quick and dirty strings replacement, check_wtmpx.c to check for wtmpx deletions and the files chkproc.c and chkdirs.c to check for LKM trojans. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x, 4.x, and 5.x, BSDI, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0, and HP-UX 11.

Changes: Various improvements, minor bug fixes.
tags | tool, trojan, integrity, rootkit
systems | linux, netbsd, unix, solaris, freebsd, openbsd, hpux
MD5 | 57493e24ca81750a200d8bcb4049e858
p3scan-2.0.tar.gz
Posted Jan 22, 2005
Authored by laitcg | Site p3scan.sourceforge.net

Pop 3 scan is a full transparent proxy server for POP3 clients. It runs on a Linux box with iptables (for port redirection). It can be used to provide POP3 email scanning from the Internet to any internal network, and is ideal for helping to protect your Other OS LAN from harm, especially when used in conjunction with a firewall and other Internet proxy servers. It is designed to enable scanning of incoming email messages for viruses, worms, trojans, spam, and harmful attachments. Because viewing HTML email can enable a spammer to validate an email address (via Web bugs), it can also provide HTML stripping.

tags | worm, web, trojan
systems | linux, unix
MD5 | 994a47f8982f40a954e97f3c3d808bab
grams.html
Posted Nov 13, 2004
Authored by Joe Stewart | Site lurhq.com

Full analysis of the Win32.Grams trojan. It differs from previous E-Gold phishing trojans in that it does not steal credentials instead uses the victim's own browser to siphon all the E-Gold directly from their account to another E-Gold account, using OLE automation. This would completely bypass all the new authentication methods financial institutions are using to thwart keystroke loggers/password stealers, because the trojan simply lets the user do the authentication, then takes over from there.

tags | paper, trojan, virus
systems | windows
MD5 | 595a24440e3a2c58515e37bc9c53b38e
chkrootkit-0.44.tar.gz
Posted Nov 10, 2004
Authored by Nelson Murilo | Site chkrootkit.org

Chkrootkit checks locally for signs of a rootkit. Chkrootkit includes ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions, strings.c for quick and dirty strings replacement, check_wtmpx.c to check for wtmpx deletions and the files chkproc.c and chkdirs.c to check for LKM trojans. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x, 4.x, and 5.x, BSDI, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0, and HP-UX 11.

Changes: del counter fixed, better support for Linux threads, Madalin now detected, lots of minor bug fixes.
tags | tool, trojan, integrity, rootkit
systems | linux, netbsd, unix, solaris, freebsd, openbsd, hpux
MD5 | d1ea2951dfaa76aed3ce8554c0769626
FakeRedhatPatchAnalysis.txt
Posted Oct 27, 2004
Site k-otik.com

A full analysis of the fake Fedora-Redhat security alert with trojan source code.

tags | advisory, trojan
systems | linux, redhat, fedora
MD5 | afe97363f72f5d2da14e92ba4526ef65
hitb04-captain-crunch-02.pdf
Posted Oct 23, 2004
Site conference.hackinthebox.org

HITB (Hack In The Box) 2004 Presentation by John Draper (Captain Crunch): "Secur ity Threats from Spamming" (part 2). Discusses security issues related to the sp ybots and trojans typically used by spammers, when the same spybots and trojans are used by more malicious / underground hackers.

tags | trojan
MD5 | a7df3435bb1d6e8d4f1d3736507aabf2
hitb04-captain-crunch-01.pdf
Posted Oct 23, 2004
Site conference.hackinthebox.org

HITB (Hack In The Box) 2004 Presentation by John Draper (Captain Crunch): "Security Threats from Spamming" (part 1). Discusses security issues related to the spybots and trojans typically used by spammers, when the same spybots and trojans are used by more malicious / underground hackers.

tags | trojan
MD5 | 16b4843a0e111977e560688812baac9c
p3scan-1.0.tar.gz
Posted Sep 21, 2004
Authored by laitcg | Site p3scan.sourceforge.net

Pop 3 scan is a full transparent proxy server for POP3 clients. It runs on a Linux box with iptables (for port redirection). It can be used to provide POP3 email scanning from the Internet to any internal network, and is ideal for helping to protect your Other OS LAN from harm, especially when used in conjunction with a firewall and other Internet proxy servers. It is designed to enable scanning of incoming email messages for viruses, worms, trojans, spam, and harmful attachments. Because viewing HTML email can enable a spammer to validate an email address (via Web bugs), it can also provide HTML stripping.

tags | worm, web, trojan
systems | linux, unix
MD5 | d5d354f85727667e781bc5e05e4ffb4d
html-trap.procmail.1.145.gz
Posted Sep 21, 2004
Authored by John Hardin | Site impsec.org

Email Security through Procmail 1.145 - Email Security through Procmail attempts to address the trend towards "enhancing" email clients with support for active content, which exposes end-users to many and varied threats, by "sanitizing" email: removing obvious exploit attempts and disabling the channels through which exploits are delivered. Facilities for detecting and blocking Trojan Horse exploits and worms are also provided.

Changes: Various bug fixes.
tags | worm, trojan
systems | unix
MD5 | 4c238be4a482900ad0414eedeb347be7
backdoor-list.txt
Posted Aug 31, 2004
Authored by Klemster, indiasec | Site indiasec.com

List of the most known backdoors and the ports they use. It has 130 different trojans and more than 150 ports listed.

tags | trojan
MD5 | cd1a49aa433809e5d42843932e23dfbe
abouttrojans.txt
Posted Aug 31, 2004
Authored by Klemster, indiasec | Site indiasec.com

White paper discussing Windows trojans. Written for newbie home PC users.

tags | trojan
systems | windows
MD5 | faa411ac4be1571c679715825909e403
scob.trojan.zip
Posted Jun 28, 2004
Site k-otik.com

Full source code of the Scob trojan downloader. Archive password is set to p4ssw0rd. Use at your own risk.

tags | trojan
MD5 | a9856c91e925fe7ef8f8649bfcd87b75
syscheck-0.6.3.tgz
Posted Jun 25, 2004
Authored by steveg | Site stevegcentral.com

Syscheck version 0.6.3 is a utility for performing sanity checking on system files, services, and ports. It attempts to identify any trojans or rootkits that may be getting used and also looks for vulnerable software installed. ELF binary included.

tags | trojan
systems | unix
MD5 | 647cdd7de4f71fdd4db378e98b304412
analysis.tgz
Posted Jun 8, 2004
Authored by Jelmer Kuperus

Complete analysis of the 180 Solutions trojan along with exploitation tools that demonstrate at least two new unpublished vulnerabilities in Microsoft Internet Explorer 6 that allow for arbitrary code execution.

tags | exploit, arbitrary, trojan, vulnerability, code execution
MD5 | 3673f2d74f6184a4a126bf6b2228c59f
boclient-1.3.1.tar.gz
Posted May 21, 2004
Authored by Dobrica Pavlinusic, Omega

boclient 1.3.0 - boclient is a remote windows administration tool which uses BackOrifice or NetBus servers on Windows. It is an improvement of version 1.21. Most recent versions have GNU readline support, NetBus commands, portability to other platforms (BeOS, QNX and 64bit architectures like Alpha) and async network I/O. Archive password is set to p4ssw0rd. Use at your own risk.

Changes: Initial non-developer release.
tags | remote, trojan
systems | windows, beos
MD5 | 9eba0ef738d56dd4491716ee49767b03
Page 5 of 24
Back34567Next

File Archive:

March 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    19 Files
  • 2
    Mar 2nd
    15 Files
  • 3
    Mar 3rd
    30 Files
  • 4
    Mar 4th
    0 Files
  • 5
    Mar 5th
    0 Files
  • 6
    Mar 6th
    0 Files
  • 7
    Mar 7th
    0 Files
  • 8
    Mar 8th
    0 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    0 Files
  • 14
    Mar 14th
    0 Files
  • 15
    Mar 15th
    0 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close