List of trojans and the ports they run on. Word 97 format. Archive password is set to p4ssw0rd. Use at your own risk.
ec05b008ddbd0c65b9214db0c538789e0ac8b38564acfc7f60f0b55711389ae3
This program lets you comfigure and remove a SubSeven server, including some of its hidden features. Main purpose is changing settings that server editor and client dont allow you to alter. Works with SubSeven 2.1, 2.1b, and 2.0. Shows notification info (uin, email, irc). Archive password is set to p4ssw0rd. Use at your own risk.
6ec35e83bbd20741ab81dc899d5c3d1fa59e08a9460e8c5851a020eef261893a
Information on the removal of Subseven 2.1. Archive password is set to p4ssw0rd. Use at your own risk.
cbd376667b7ab0f1081e91a4aa0565754b4046f8e4163759027cb2f2ae0d4e26
Trojan port list which covers 171 remote trojans. Archive password is set to p4ssw0rd. Use at your own risk.
e7568202d0d3c02b0044c7d4d54e3092aed55dab34dbbd571294a5ec231fbd30
Darats Remote Admin Tool. Windows backdoor which runs on TCP port 48. Archive password is set to p4ssw0rd. Use at your own risk.
77fc4b8faf85f4b0f1968076907cf20dd1d51d6ea1d26450ebaceae1832adfbb
This program does what NAI, MCAFEE claim to be impossible, it detects _all_ versions (crypted, compressed) of Subseven 2 and cleans them from memory, from the hardisk, and removes _all_ autostart methods implented. Archive password is set to p4ssw0rd. Use at your own risk.
9e1ca6c944289014da9862b4cde0647d302f9f8822d3ffcd9eca1a7ca31bd1eb
Exploit of the Microsoft script lib bug and reg wiz control buffer overflow allow very evil code to be executed when this html is viewed. A very large number of systems are at risk. Archive password is set to p4ssw0rd. Use at your own risk.
2c6c2d017075957476ae82d4d32b9259c7126bdee155230e91a6e7eafd564dc2
patched version(v1) of ICQ Trogen for win platform. Remote control that AVP 3.0 will not detect. Archive password is set to p4ssw0rd. Use at your own risk.
34ebc95328468bf994cf265934550b0c041f32f8340a083540a1bff021772fbb
A scanner for the infamous Back Orifice program. This is many times faster than the ping sweeper built in to the original client program. I have included the ability to notify detected victims by sending them a BO messagebox message directly from within the program. This is intended as a vigilante tool to notify victims who unknowingly have the trojan on their system. Archive password is set to p4ssw0rd. Use at your own risk.
ab621f8f8467be5903834ceaf7b26b57f370f5ad827e9d952a9d5e14d7997907
A list of the TCP ports which trojans use. Archive password is set to p4ssw0rd. Use at your own risk.
798103e287d7346856c86294b48fe70090244b2a4c81c8f143677b3b4393bd76
Gives you access to the registry, dos, display properties etc' (control panel too in the next version). Archive password is set to p4ssw0rd. Use at your own risk.
c0e7602f9f22d7569c787cf797f50f6eaed01dba30d5b509ba3d1ea16f6564b9
Patched version of back oriface which is not detected by DrWeb 4.x,sPIDER, AVP 3.0, or Norton Antivirus 5.0 win (base 18.11.98). BO version 1.20 patch 7. Archive password is set to p4ssw0rd. Use at your own risk.
fcf192e868551e1cd5a3215303ca93595b2992b105541f6e76633cfffacb16e1
Donald Dick: Server Generator v1.53. Archive password is set to p4ssw0rd. Use at your own risk.
c079c0bb3fb46e636355672918eda507df1fe915cdbcd63a9fd6d61fd2a12a77
Donald Dick: Full Package (GUI Client & Server Generator) v1.53. Donald Dick is a remote control system for workstations running Windows 95, 98 or NT 4.0 (not tested on 5, we didn't steal it yet). First, it was implemented to replace well-known trojans we used to confuse dummies, and to be invisible for existing antiviruses. We used it locally since february - march of '99 till the summer. The first implementation could only open and close cdrom tray but it quickly becomes powerful remote control system. Here is the list of actions you can perform: File system - full access: browse, create, remove directories; erase, rename, copy, upload, download files; set date/time of file. Processes and threads: browse, terminate; run programs; additionally for processes - set priority; for threads - suspend, resume. Registry - full access: browse, create, remove keys and values; set values. System: get/set system time (you can perform Y2K compliance test ;) ); shutdown/logoff/reboot/power off; query system info, query/set system parameters. Windows: get list of windows; query and set system colors; get screenshot or the shot for particular window; send messages to window. Hardware: read and write CMOS (does not work under Windows NT, we not implemented this feature yet). Keyboard: simulate keystrokes, remap, disable keys, view keyboard input (all features except keystroke simulation are not implemented under Windows NT yet) Jokes: open and close CD; turn monitor's power off and on; talk with dummy using message boxes; play wave files. Chat: you can chat with other guys in volatile chat room and leave important messages in non-volatile chat room. Archive password is set to p4ssw0rd. Use at your own risk.
b8d9d3d8f22ebd4fd9c2a3a1093be7e71ecbfd1c0450fddc61463adbc2b499ef
Donald Dick: Sources of Client (command line) v1.53. Archive password is set to p4ssw0rd. Use at your own risk.
90c3eedafc87fbe2821752e54718b8ea655d8f3d35a57bcd4e1e208fdc4f07ac
Donald Dick: Client (command line) v1.53. Archive password is set to p4ssw0rd. Use at your own risk.
eb28c962092e6bd51f8007307c3f5c76574be51c089045ae310b53aabc7a0f79
Donald Dick: Client (GUI) v1.53. Archive password is set to p4ssw0rd. Use at your own risk.
b505df1e99a535c0a158e201eb3879265f66b2c903d8bfa3191b4704387d8925
UDP backdoor v2.0 for UNIX by {MANIAC}. Archive password is set to p4ssw0rd. Use at your own risk.
11892b19990bc077400e60528a6a411a
Netbus Pro v2.10 Remote Administration Tool. Archive password is set to p4ssw0rd. Use at your own risk.
e224b29fd0045440387a87aeed8cd198a2da2d4c9639bd405d048866d80b0bbd
Donald Dick Full Package (GUI Client
28e01447c82a218e9c75c9fd3cbc253976cd8b5a12e3fde2313a86dbf9721ba1
Client (command line) v1.52 Archive password is set to p4ssw0rd. Use at your own risk.
5ce0f7b9d3b0d1deb42e35ddc3fed01b8918b94b631f38a36de2328143e92116
Client (GUI) v1.52 Archive password is set to p4ssw0rd. Use at your own risk.
b1518e52548ee513e8584871f441892c227793621320bb78d218f6c168c8cf50
Donald Dick (client/server spy for Windows 95/98/NT) Server v1.52. Donald Dick is a remote control system for workstations running Windows 95, 98 or NT 4.0 (not tested on 5, we didn't steal it yet). First, it was implemented to replace well-known trojans we used to confuse dummies, and to be invisible for existing antiviruses. We used it locally since february - march of '99 till the summer. The first implementation could only open and close cdrom tray but it quickly becomes powerful remote control system. Sets off virus scanners. Archive password is set to p4ssw0rd. Use at your own risk.
1a1e88949debc87b55c023642b85960393fcfbfabef2ec8b2bb3735bdf6590c6
Jammer v1.7 is a tool that offers complete protection against all versions of Back Orifice and NetBus, including modified 3rd party releases. Jammer monitors all services, ports, and protocols, and also functions as a low-level network sniffer and real-time packet analyzer. Additional features: decrypts Back Orifice packets and encryption keys, sends messages to remote attackers using trojan clients, logs IPs of attackers, sends customizable complaint/report emails to the attacker's system administrators and ISPs, automatically deletes Back Orifice and NetBus servers, much, much more. Changes and new features: TCP port scanning detection. Now you will be able to detect scanning for 95% Trojans, ICQ Personal Web Server security hole, scanning for NetBios, Legion scanning, Ogre scanning; Registry monitoring; Process view (including hidden processes); Connections monitor (based on netstat). Check what ports are active on your PC and who is connected to you; Stealth monitoring; bugfixes. Archive password is set to p4ssw0rd. Use at your own risk.
723cf938b0783e7aee1f8593a0589bc18fbbecf495ff01f3bfea51dd8d547ce3
NIL 0.1b - NIL is a simple Netbus client with a clean interface for Linux. Archive password is set to p4ssw0rd. Use at your own risk.
da3b2b3a4ddda7f7ceb4831bc4b89ec7898370e30dba447e2ef934d5a808e9e5