[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] trixd00r v0.0.1 - Advanced and invisible TCP/IP based userland backdoor

On 02/08/12 22:55, Kryton Jones wrote:
> Is this something like Port Knocking ??
you can see that kinda as port knocking yes.

> 
> http://en.wikipedia.org/wiki/Port_knocking
> 
> 
> On 09/02/2012, at 8:29 AM, Levent Kayan wrote:
> 
>> Hi there,
>>
>> description
>> ===========
>> trixd00r is an advanced and invisible userland backdoor based on TCP/IP
>> for UNIX systems. It consists of a server and a client. The server sits
>> and waits for magic packets using a sniffer. If a magic packet arrives,
>> it will bind a shell over TCP or UDP on the given port or connecting
>> back to the client again over TCP or UDP. The client is used to send
>> magic packets to trigger the server and get a shell.
>>
>> file can be found at: http://nullsecurity.net/tools.html
>>
>> a demonstration video can be found here:
>> http://www.youtube.com/watch?v=Hs-nRUrnzwE (enjoy my pr0n)
>>
>>
>> cheers,
>> noptrix
>> -- 
>> Name: Levon 'noptrix' Kayan
>> E-Mail: noptrix@xxxxxxxxxxxxxxxx
>> GPG key: 0x014652c0
>> Key fingerprint: ABEF 4B4B 5D93 32B8 D423 A623 823D 4162 0146 52C0
>> Homepage: http://www.nullsecurity.net/
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
> 
> 


cheers,
noptrix
-- 
Name: Levon 'noptrix' Kayan
E-Mail: noptrix@xxxxxxxxxxxxxxxx
GPG key: 0x014652c0
Key fingerprint: ABEF 4B4B 5D93 32B8 D423 A623 823D 4162 0146 52C0
Homepage: http://www.nullsecurity.net/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/