[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] trixd00r v0.0.1 - Advanced and invisible TCP/IP based userland backdoor

To: Levent Kayan <levonkayan@xxxxxxx>
Subject: Re: [Full-disclosure] trixd00r v0.0.1 - Advanced and invisible TCP/IP based userland backdoor
From: mezgani ali <handrix@xxxxxxxxx>
Date: Thu, 9 Feb 2012 00:15:26 +0000

I was working on a backdoor kernel land, using netfilter =]

Kind regards,


On Wed, Feb 8, 2012 at 10:17 PM, Levent Kayan <levonkayan@xxxxxxx> wrote:

> On 02/08/12 22:55, Kryton Jones wrote:
> > Is this something like Port Knocking ??
> you can see that kinda as port knocking yes.
>
> >
> > http://en.wikipedia.org/wiki/Port_knocking
> >
> >
> > On 09/02/2012, at 8:29 AM, Levent Kayan wrote:
> >
> >> Hi there,
> >>
> >> description
> >> ===========
> >> trixd00r is an advanced and invisible userland backdoor based on TCP/IP
> >> for UNIX systems. It consists of a server and a client. The server sits
> >> and waits for magic packets using a sniffer. If a magic packet arrives,
> >> it will bind a shell over TCP or UDP on the given port or connecting
> >> back to the client again over TCP or UDP. The client is used to send
> >> magic packets to trigger the server and get a shell.
> >>
> >> file can be found at: http://nullsecurity.net/tools.html
> >>
> >> a demonstration video can be found here:
> >> http://www.youtube.com/watch?v=Hs-nRUrnzwE (enjoy my pr0n)
> >>
> >>
> >> cheers,
> >> noptrix
> >> --
> >> Name: Levon 'noptrix' Kayan
> >> E-Mail: noptrix@xxxxxxxxxxxxxxxx
> >> GPG key: 0x014652c0
> >> Key fingerprint: ABEF 4B4B 5D93 32B8 D423 A623 823D 4162 0146 52C0
> >> Homepage: http://www.nullsecurity.net/
> >>
> >> _______________________________________________
> >> Full-Disclosure - We believe in it.
> >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> >> Hosted and sponsored by Secunia - http://secunia.com/
> >
> >
>
>
> cheers,
> noptrix
> --
> Name: Levon 'noptrix' Kayan
> E-Mail: noptrix@xxxxxxxxxxxxxxxx
> GPG key: 0x014652c0
> Key fingerprint: ABEF 4B4B 5D93 32B8 D423 A623 823D 4162 0146 52C0
> Homepage: http://www.nullsecurity.net/
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>



-- 
Ali MEZGANI
*N*etwork *E*ngineering/*S*ecurity
http://www.nativelabs.org/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] trixd00r v0.0.1 - Advanced and invisible TCP/IP based userland backdoor
  - From: Levent Kayan
- Re: [Full-disclosure] trixd00r v0.0.1 - Advanced and invisible TCP/IP based userland backdoor
  - From: Kryton Jones
- Re: [Full-disclosure] trixd00r v0.0.1 - Advanced and invisible TCP/IP based userland backdoor
  - From: Levent Kayan

Prev by Date: [Full-disclosure] InfoSec Southwest 2012 Speakers and Agenda
Next by Date: Re: [Full-disclosure] posting xss notifications in sites vs software packages
Previous by thread: Re: [Full-disclosure] trixd00r v0.0.1 - Advanced and invisible TCP/IP based userland backdoor
Next by thread: [Full-disclosure] InfoSec Southwest 2012 Speakers and Agenda
Index(es):
- Date
- Thread