
Backdoors and Security


4rm4g3dd0n's Avatar
Mad Hatter
0 0

I was just wondering if any1 out there has used backdoors (netbus, bo2k, sub7, etc.) and if so what they like and/or dislike about them, and also what features have never been seen b4 that you would like to see, etc.


clone4's Avatar
Perl-6 Wisdom Seeker
0 0

4rm4g3dd0n wrote: I was just wondering if any1 out there has used backdoors (netbus, bo2k, sub7, etc.) and if so what they like and/or dislike about them, and also what features have never been seen b4 that you would like to see, etc.

likes: it makes h4x0ring st00pid people with wind0wz so easy

dislikes: those tools should carry a warning 'for retards only'; if you want to use a backdoor, code your own

and features never seen b4? well i for instance haven't seen backdoor that would give you head after it connects successfully….yet….


4rm4g3dd0n's Avatar
Mad Hatter
0 0

I am coding my own, it is the reason for the question, but I'm not just going for windows. I'm thinking along the lines of cross platform and I want all possible options, especially never-heard-of ones, windows/linux/mac :) I already have hundreds of features I'm working on but I want all I can possibly make

-- O yea, and that would be a great feature, but I am afraid I can't make that one happen lol --


fuser's Avatar
Member
0 -1

what kind of features do you have in mind?

I don't have any ideas to contribute right now, but I think there are examples in the code bank, and if you have cross-platform in mind, I think you're better off leaving it as a script instead of an executable, or just make different executables for each platform, like .exe for windows, .bin for linux, etc.


ghost's Avatar
0 0

Good luck getting someone who uses Linux to execute a script as Admin (unless he's an idiot). You're more than likely going to have to find a vulnerable process to exploit, or sniff passwords and get Admin rights to install a Linux rootkit.

Windows is a little easier. :D


4rm4g3dd0n's Avatar
Mad Hatter
0 0

actually cross platform server not the client


fuser's Avatar
Member
0 -1

MoshBat wrote:
[quote]4rm4g3dd0n wrote: actually cross platform server not the client[/quote]
What the hell is the point of that?

uh.. so that the trojan can be installed on all servers? Not all servers run Linux; some run Windows 2003, while some run OSX or another Unix variant. A cross-platform trojan will basically have a large scope, unlike most trojans, which are mostly for Win.


ghost's Avatar
0 0

And I go back to my point

Cross platform clients make sense, but cross platform unix Trojan servers aren't very plausible because of unix system group/file privileges. Building a cross platform backdoor in the form of a Rootkit would be more plausible. Still, it would most definitely have to be executed by a remote user post exploitation.

It won't be like Windows n00bs and drive by downloads :p


techb's Avatar
Member
0 0

I wrote a backdoor that emails me logged keystrokes, screen shots, and allows two-way file transfer.

Further ideas could include a system search engine, so you can search the entire infected system with a search phrase instead of looking through possibly hundreds of folders to find interesting stuff.

You could even make a botnet-like backdoor that connects to an IRC channel instead of your BD server.


stealth-'s Avatar
Ninja Extreme
0 0

techb wrote: I wrote a backdoor that emails me logged keystrokes, screen shots, and allows two-way file transfer.

Further ideas could include a system search engine, so you can search the entire infected system with a search phrase instead of looking through possibly hundreds of folders to find interesting stuff.

You could even make a botnet-like backdoor that connects to an IRC channel instead of your BD server.

My favorite idea for backdoors is pwnat (it's a NAT bypasser). Yeah, you're kinda stealing a little code, if you look at it that way, but it's a brilliant and simple way to avoid the router getting in the way and still be able to remain anonymous so your rootkit can do its thing without bothering with super complicated, fragile, or dangerous setups. It's easy to call from whatever language your backdoor/rootkit is programmed in, too. Just spawn a thread and run the binary with a system call.

http://samy.pl/pwnat/

However, you're right. When it comes to bot nets, the IRC idea is clever.


fashizzlepop's Avatar
Member
0 0

techb wrote: Further ideas could include a system search engine, so you can search the entire infected system with a search phrase instead of looking through possibly hundreds of folders to find interesting stuff.

How about the ability to run perl scripts you send it? Then you could write a search script and other stuff.


nanoymaster's Avatar
the master of nanoy(.org)
0 0

I agree with everyone else. It is a stupid idea to leave your code & IP out there on pwn3d boxes. However, I have dabbled with some of this software, so here goes.

sub7 (and variations) are pants. What you really want is something that can handle multiple clients. Most people seem to use Bifrost or Poison Ivy; even though they're ancient, there is good documentation for them.

A relatively recent one is dark comet, http://darkcomet-rat.com/, which is fairly feature heavy, but harder than the others to set up. (anyone with computer knowledge can set it up.)

as has been previously said they are all point and click lame programs. the real skill comes from crypting/packing, AV bypassing, removing connection limits etc.

there are a million ways to spread and to c+c, so just have a play, and don't cause damage

disclaimer: the text above here is by me and does not reflect the views of HBH.. don't be stupid.


fashizzlepop's Avatar
Member
0 0

MoshBat wrote: This thread is ancient, but what the hell. Leaving scripts lying around on a machine is a poor idea, anyone can read them. Also, you'd need an installation of perl on the machine, impractical, to say the least. Then you've got the fact you'll have to use wperl on the machine's end, so a massive giveaway doesn't pop up on screen. Binaries are probably better, overall.

I thought we were talking about on a Linux machine… where Perl would already be installed. I meant that the backdoor would read the perl scripts from a server or something, that way they aren't left on the machine.


ghost's Avatar
0 0

Actually, in this old thread the OP was talking about making a "cross-platform" trojan server able to infect Windows, Linux, and OS X. Not very plausible if you ask me.


4rm4g3dd0n's Avatar
Mad Hatter
0 0

Yes, I know, old thread, but others brought it back and I started it to begin with…

client - server

windows server - windows specific
Linux server - Linux specific
Mac server - Mac specific
….. etc

One client to run on one system to connect to the various made servers, which would be downloaded and executed through a platform-specific file (.exe, .dol, .bin, etc.). Every system has its own purpose and filetypes, though with image files being the best bet. I once read somewhere that over 80% of internet users watch porn -- free porn images -- doesn't matter what type of system they are using. Just through a plain connection we already know most users' system type. When the connection is established we already know which script to run to install which particular server. Most good information is in text anyway; we can read text from any platform, make their own files do what we want on their system. I have done win/linux variations, it is possible (name of program not told, for good reason), but I want, like, ideas for seemingly unlimited options. Have actually gotten a couple here, thanks.


ghost's Avatar
0 0
I understand client-server programming, .exe's, .bin's, etc. and I also know that looking at porn in linux isn't enough to install a backdoor, but nice try. You would have to exploit a vulnerable process to run your rootkit script. Or get the user to download a script and run it as root to execute a server. Hence why I said: pretty* useless.

Cross platform client side attacks would bear more fresh fruit. And success:)


4rm4g3dd0n's Avatar
Mad Hatter
0 0

:) No bro, as I stated, I have done it. That was the example: on connection to the site you can grab info through the header information, such as useragent. Works well.

HTTP_USER_AGENT:Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3

Windows system up there, Windows NT 6.1 more specifically (Windows 7 or Windows Server 2008). We can go more into those later.

Looking at the porn has no effect alone, but as you know, when you download the image file, game, movie, whatever it is: file wanted + extra (script through background) unknown.

Through my coding experiences I have found linux systems to be among the most easy to exploit. I guess that there are more windows virii because there are more windows users, though the mac seems to be the most secure. Even if hardcore linux type system users want it to be linux, OSX unix based systems are truly in the lead of security (I don't know, maybe it is because of all the open source linux). Windows is the hardest hit because of the oceans of users.

Besides the fact that I have already done it before, maybe it was my program that led to research, or even another who thinks like me. I don't want to take anyone's credit (but I have experimented a long time and would like to think I contributed), just stating that it possibly could have been one of my programs that led to this proof-of-concept article (which by the way don't have to be written in assembly ;) ). As for mine, they were different servers connecting to a single client anyway.

quote: “Even today, Web sites sending exploits to their visitors tend to detect what browser/platform the visitor is using and send a matching exploit to install some malware,”

http://www.computerworld.com/s/article/110330/Kaspersky_warns_of_cross_platform_virus_proof_of_concept

Their p-o-c doesn't seem to begin to go as far as mine, but then again maybe it does and they don't want all to know the overall actual simplicity of the linux system.