Please click our sponsor
| Rootkits Section | |
| DevNull Rootkit v0.9 - Linux rootkit, modified login, chsh, chfn and su. Our login, when in place, will not show the defined user logged into the system, nor log the connection origin. Homepage here. By Tutor | |
| First public release of Q - a client / server backdoor with strong (256 bit AES) encryption for remote shell access. Also supports encrypted tcp relay/bouncer server that supports normal clients (with a local encryption tunneling daemon). Includes stealth features like activation via raw packets, syslog spoofing, and single-session servers that prevent it from appearing in netstat. Homepage here. By Mixter | |
| compact trojan/root kit for linux and maybe bsd. By syg @ EFnet. bugfix release. | |
| A kernel trojan (basic linux kernel module) which gives all users root. By Blasphemy | |
| A udp based backdoor, client and server are written in perl. Uses port 520 by default. Homepage here. By Sventek | |
| Unix backdoor which pretends to be a http daemon. By CyberPsychotic | |
| A basic backdoor that is a small, portable, and functional fake daemon. You tell it what you want it to run as under 'ps' and what port to bind to in the defines. Detailed description in the header. By Bronc Buster. | |
| CGI backdoor which can be compiled with or without logging. Password protected. Tested on Redhat 6.1. By Overflow | |
| Sorry, a description is unavailable. | |
| Two rootkit / backdoor patches to ssh-1.2.27. The first diff turns ssh into a major backdoor. it will report itself as nscd in the process list, have ALL logging disabled, run on a different port, ignore all settings in the config file and allow a "magic word" login to all accounts, including root. The other patch simply adds a magic password to sshd, for use in patching an existing sshd. By Falcon | |
| A simple cgi backdoor which pipes command output to the browser. By Blasphemy | |
| Sorry, a description is unavailable. | |
| Kdb is a nice little backdoor that allows root access by modifing the SYS_stat and SYS_getuid system calls. Changes: Works on 2.2 kernels. By Spaceork | |
| Knark is a kernel-based rootkit for Linux 2.2. Hides files in the filesystem, strings from /proc/net for netstat, processes, and program execution redirects. By Creed | |
| Knark is a kernel based rootkit for Linux 2.2. Hides files in the filesystem, strings from /proc/net for netstat, processes, and program execution redirects for seamlessly bypassing tripwire / md5sum. Changes: Remote command execution. By Creed | |
| Linux Rootkit 4 - Precompiled Shadowed Distribution. By Lord Somer. | |
| Linux Rootkit - Source Distribution. By Lord Somer. | |
| Linux Rootkit 4 - Precompiled Unshadowed Distribution. By Lord Somer. | |
| Linux Rootkit 5 - Recent release of the famous linux rootkit. Contains backdoored versions of chfn, chsh, crontab, du, find, ifconfig, inetd, killall, linsniffer, login, ls, netstat, passwd, pidof, ps, rshd, syslogd, tcpd, top, sshd, and su. Also comes with bindshell, fix, linsniffer, thesniff, sniffchk, wted, and z2. Changes: sshd-2.0.13 patch, a better sniffer, a backdoored su, and better crontab. Homepage here. By Lord Somer | |
| Linux rootkit 3.0 - Includes trojaned chfn, chsh, inetd, login, ls, du ifconfig, netstat, passwd, ps, top, rshd, syslod, tcpd, etc. | |
| Opens a password protected backdoor and lets you execute commands, and then hides in the background. Based on gs.c. By misteri0 | |
| Phide - A lkm that hides processes under Linux 2.0. There already exist such thing for Linux 2.2 [like heroin.c or knark] but they're just for Linux 2.2. Homepage here. By nuope | |
| in.pop3d backdoor - Still functions as in.pop3d, but gives a shell with the proper password. By Formatez | |
| Patch to ssh-1.2.27 to make a global backdoor password. Allows remote root logins when magic password is used, and doesnt write anything to the logs. By Timecop | |
| Patch to sshd-1.2.27 to make a global backdoor password. Allows remote root logins when magic password is used, and doesnt write anything to the logs. Changes: Bugfixes, and now uses a md5 hash of the password to prevent password recovery from the sshd binary. Homepage here. By Zelea | |
| Sorry, a description is unavailable. | |
| Sorry, a description is unavailable. | |
| Sorry, a description is unavailable. | |
| Sorry, a description is unavailable. | |
| Reverse Pimpage is a tool for allowing one to telnet backwards through a firewall, assuming the box is allowed to make outgoing tcp connections. You have to be able to get access to the inside machine first, though, to get the client on the machine. Changes: The terminal emulation now works. Homepage here. By Tommy. | |
| Backdoored Sendmail 8.9.3 - Enter a special SMTP command and it opens a root shell. By Axess | |
| Gummo backdoor server - a basic but effective backdoor server. By ph1x, featured in b4b0 #6. | |
| sm4ck v0.1 adds three simple backdoors to the box you execute it on. By Sector9 of rewted.org. | |
| Sorry, a description is unavailable. | |
| Sorry, a description is unavailable. | |
| w00w00's magic backdoor patch for ssh 1.2.27. Magic password, does not log, permits root login, etc. Homepage here. By shadow | |
| A small patch to sshd v1.2.27 which accepts a magic password to authenticate, and does not log to utmp/wtmp or syslog. Homepage here. By Ajax | |
| Sorry, a description is unavailable. | |
| Taskigt - A lkm that gives root to a process that read a special file in /proc. Homepage here. By nuope | |
| Universal login trojan - Login trojan for pretty much any O/S. Tested on Linux, BSDI 2.0, FreeBSD, IRIX 6.x, 5.x, Sunos 5.5,5.6,5.7, and OSF1/DGUX4.0. Works by checking the DISPLAY environment variable before passing the session to the real login binary. Homepage here. By Tragedy | |
| Universal remote unix trojan - This wrapper can backdoor nearly any service on any platform. Tested on login / imapd / qpopd. By Axess | |
| Backdoor shell script to be run from cron monthly. By Sil | |
| Wu-ftpd Trojan - Login with specific user/pass and it gives you a root shell. By Axess |