Follow us on Twitter!
Imagination is more valuable than knowledge - Albert Einstein
Friday, April 18, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 28
Guests Online: 25
Members Online: 3

Registered Members: 82829
Newest Member: mmoclauq
Latest Articles
View Thread

HellBound Hackers | Computer General | Hacking in general

Author

Backdoors and Security

4rm4g3dd0n
Member



Posts: 904
Location: Louisville,Ky
Joined: 09.10.07
Rank:
Active User
Posted on 07-01-10 21:39
I was just wondering if any1 out there has used backdoors netbus bo2k sub7 etc.. and if so what the like and or dislike about them.. and also what features have never been seen b4 that you would like to see etc etc.....


a1.sphotos.ak.fbcdn.net/hphotos-ak-snc6/285477_168984629836698_100001754862141_374762_5098511_n.jpg
All I Know Is That I Don't Know Nothing .... Operation Ivy

c:/users
Author

RE: Backdoors and Security

clone4
Member



Posts: 586
Location: He is back and he's bad!
Joined: 25.11.07
Rank:
Mad User
Posted on 07-01-10 23:06
4rm4g3dd0n wrote:
I was just wondering if any1 out there has used backdoors netbus bo2k sub7 etc.. and if so what the like and or dislike about them.. and also what features have never been seen b4 that you would like to see etc etc.....

likes: it makes h4x0ring st00pid people with wind0wz so easy
dislikes: those tools should carry warning 'for retards only', if you want to use backdoor code your own

and features never seen b4? well i for instance haven't seen backdoor that would give you head after it connects successfully....yet....


[img][/img]img164.imageshack.us/img164/5713/perlvl0.jpg

clone4.freehostia.com/ubuntu_3.png
spyware - "They see me trollin'..."
<yaragn> ever seen that movie? The Matrix?
<yaragn> with those green lines of flying text?
<yaragn> *THAT'S* Perl

clone_4@hotmail.com
Author

RE: Backdoors and Security

4rm4g3dd0n
Member



Posts: 904
Location: Louisville,Ky
Joined: 09.10.07
Rank:
Active User
Posted on 08-01-10 02:38
I am coding my own it is the reason for the question bot im not just going for windows im thinking along the lines of cross platform and i want all possible option espessially never heard if ones windows/linux/mac Smile already have hundreds of features im working on but i want all i can possibly make



---- O yea And that would be a great feature but I am afraid i cant make that one happen lol -----


a1.sphotos.ak.fbcdn.net/hphotos-ak-snc6/285477_168984629836698_100001754862141_374762_5098511_n.jpg
All I Know Is That I Don't Know Nothing .... Operation Ivy



Edited by 4rm4g3dd0n on 08-01-10 03:05
c:/users
Author

RE: Backdoors and Security

fuser
Member



Posts: 960
Location: in front of a computer (duh)
Joined: 05.04.07
Rank:
Mad User
Posted on 08-01-10 03:07
what kind of features do you have in mind?

I don't have any ideas to contribute right now, but I think there are examples in the code bank, and if you have cross-platform in mind, I think you're better off leaving it as a script instead of an executable, or just make different executables for each platform, like .exe for windows, .bin for linux, etc.


img.userbarz.com/51/10006.png
img.userbarz.com/146/29144.gif
img.userbarz.com/99/19602.jpg
img.userbarz.com/4/600.png
img.userbarz.com/45/8814.gif
img360.imageshack.us/img360/9231/bfbarlr0.jpg
[url=http://userbarz.com/][img]ht
catinthecpu@hotmail.com
Author

RE: Backdoors and Security


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 09-01-10 00:39
Good luck getting someone who uses Linux to execute a script as Admin(unless hes an idiot) Your more then likely going to have to find a vulnerable process to exploit, or sniff passwords and get Admin rights to install a Linux rootkit.

Windows is a little easier. Grin

Edited by on 09-01-10 00:41
Author

RE: Backdoors and Security

4rm4g3dd0n
Member



Posts: 904
Location: Louisville,Ky
Joined: 09.10.07
Rank:
Active User
Posted on 10-01-10 23:20
actually cross platform server not the client


a1.sphotos.ak.fbcdn.net/hphotos-ak-snc6/285477_168984629836698_100001754862141_374762_5098511_n.jpg
All I Know Is That I Don't Know Nothing .... Operation Ivy

c:/users
Author

RE: Backdoors and Security

fuser
Member



Posts: 960
Location: in front of a computer (duh)
Joined: 05.04.07
Rank:
Mad User
Posted on 11-01-10 03:01
MoshBat wrote:
4rm4g3dd0n wrote:
actually cross platform server not the client

What the hell is the point of that?


uh..so that the trojan can be installed on all servers? not all servers run Linux, some run Windows 2003, while some run OSX or other Unix variant. A cross-platform trojan will basically have a large scope, unlike most trojans which is mostly for Win.


img.userbarz.com/51/10006.png
img.userbarz.com/146/29144.gif
img.userbarz.com/99/19602.jpg
img.userbarz.com/4/600.png
img.userbarz.com/45/8814.gif
img360.imageshack.us/img360/9231/bfbarlr0.jpg
[url=http://userbarz.com/][img]ht
catinthecpu@hotmail.com
Author

RE: Backdoors and Security


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 24-01-10 05:37
And I go back to my point

Cross platform clients make sense, but cross platform unix Trojan servers aren't very plausible because of unix system group/file privileges. Building a cross platform backdoor in the form of a Rootkit would be more plausible. Still it would have to have to be most definitely be executed by a remote user post exploitation.

It wont be like Windows n00bs and drive by downloadsPfft

Edited by on 24-01-10 05:41
Author

RE: Backdoors and Security

techb
Member



Posts: 384
Location:
Joined: 15.02.09
Rank:
Moderate
Posted on 09-06-10 02:16
I wrote a backdoor that emails me logged keystrokes, screen shots, and allows two-way file transfer.

Further ideas could include a system search engine; so you can search the entire infected system with a search phrase instead of looking through passably hundreds of folders to find interesting stuff.

You could even make a botnet-like backdoor that connects to in irc channel instead of your BD server.


www.userbars.com/74460/665255/337-7865-ubda3219.gif
kbcarte.wordpress.com
Author

RE: Backdoors and Security

stealth-
Member



Posts: 1003
Location: Eh?
Joined: 10.04.09
Rank:
Mad User
Posted on 09-06-10 03:29
techb wrote:
I wrote a backdoor that emails me logged keystrokes, screen shots, and allows two-way file transfer.

Further ideas could include a system search engine; so you can search the entire infected system with a search phrase instead of looking through passably hundreds of folders to find interesting stuff.

You could even make a botnet-like backdoor that connects to in irc channel instead of your BD server.


My favorite idea for backdoors is pwnat (It's a NAT bypasser). Yeah, you're kinda stealing a little code, if you look at it that way, but it's a brilliant and simple way to avoid the router getting in the way and still be able to remain anonymous so your rootkit can do it's thing without bothering with super complicated, fragile, or dangerous setups. It's easy to call from whatever language your backdoor/rootkit is programmed in, too. Just spawn a thread and run the binary with a system call.

http://samy.pl/pw. . .

However, you're right. When it comes to bot nets, the IRC idea is clever.


The irony of man's condition is that the deepest need is to be free of the anxiety of death and annihilation; but it is life itself which awakens it, and so we must shrink from being fully alive.
http://www.stealt. . .
http://www.stealth-x.com
Author

RE: Backdoors and Security

fashizzlepop
Member



Posts: 482
Location: Old folks home.
Joined: 08.04.08
Rank:
Moderate
Posted on 09-06-10 03:56
techb wrote:
Further ideas could include a system search engine; so you can search the entire infected system with a search phrase instead of looking through passably hundreds of folders to find interesting stuff.

How about the ability to run perl scripts you send it? Then you could write a search script and other stuff.


"The definition of insanity is doing the same thing over and over again and expecting different results.”
~Albert Einstein~


csullivan.codeinspire.net/images/boomsig2.png
fashizzlepop@gmail.com http://csullivan.codeinspire.net/
Author

RE: Backdoors and Security

nanoymaster
Member



Posts: 119
Location: ก็็็็็็&
Joined: 20.08.05
Rank:
Wiseman
Warn Level: 30
Posted on 09-06-10 21:41
I agree with everyone else. it is a stupid idea to leave your code & IP out there on pwn3d boxes. however I have dabbled with some of this software. so here goes.

sub7 (and variations are pants) what you really want is something that can handle multiple clients. most people seem to use bifrost or poision ivy even tho there ancient, there is good documentation for them.

A relativly recent one is dark comet. http://darkcomet-rat.com/
which is fairly feature heavy, but harder than the others to set up. (anyone with computer knowledge can set it up.)

as has been previously said they are all point and click lame programs. the real skill comes from crypting/packing, AV bypassing, removing connection limits etc.

there are a million ways to spread and to c+c, so just have a play, and don't cause damage

disclamer: the text above here is by me and does not reflect the views of HBH.. don't be stupid.


ก็็็็็็็็็็็็็็็็็็็็ กิิิิิิิิิิิิิิิิิิ ก็็็็็็็็็็็็็็็็็็็็ กิิิิิิิิิ
Ask me... ก็็็็็็็็็็็็็&# http://www.nanoy.org
Author

RE: Backdoors and Security

fashizzlepop
Member



Posts: 482
Location: Old folks home.
Joined: 08.04.08
Rank:
Moderate
Posted on 10-06-10 05:50
MoshBat wrote:
This thread is ancient, but what the hell.
Leaving scripts lying around on a machine is a poor idea, anyone can read them.
Also, you'd need an installation of perl on the machine, impractical, to say the least. Then you've got the fact you'll *have* to use wperl on the machine's end, so a massive giveaway doesn't pop up on screen. Binaries are probably better, overall.


I thought we were talking about on a Linux machine... where Perl would already be installed. I meant that the backdoor would read the perl scripts from a server or something, that way they aren't left on the machine.


"The definition of insanity is doing the same thing over and over again and expecting different results.”
~Albert Einstein~


csullivan.codeinspire.net/images/boomsig2.png
fashizzlepop@gmail.com http://csullivan.codeinspire.net/
Author

RE: Backdoors and Security


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 10-06-10 20:19
Actually, in this old thread the OP was talking about making a "cross-platform" trojan server able to infect Windows, Linux, and OSx. Not very plausible if you ask me.

Edited by on 10-06-10 20:21
Author

RE: Backdoors and Security

4rm4g3dd0n
Member



Posts: 904
Location: Louisville,Ky
Joined: 09.10.07
Rank:
Active User
Posted on 10-06-10 20:54
Yes I know old thread but other's brought it back and i started it to begin with...

client - server

windows server - windows specific
Linux server - Linux specific
Mac server - Mac specific
..... etc

One Client to run on one system to connect to the various made severs witch would be downloaded and executed through platform specific file .exe .dol .bin ... etc every system has its own purpose and filetypes though from image files being the best bet I once red somewhere that over 80% of internet users watch porn ---- free porn images ---- dosent matter what type of system they are using
just through a plain connection we already know most user's system type... When connection is established we already know which script to run to install which paticular server most good information is in text anyway we can read text from ant platform make there own files do what we want on there system I have done win/linux variations it is possible (name of program not told ) for good reason but i want like ideas for seemingly unlimited options have actually gotten a couple here thanks
c:/users
Author

RE: Backdoors and Security


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 12-06-10 21:25
I understand client-server programming, .exe's,.bin's, etc and I also know that looking at porn in linux isn't enough to install a backdoor, but nice try. You would have to exploit a vulnerable process to run your rootkit script. Or get the user to download a script and run it as root to execute a server. Hence why I said ; pretty* useless.

Cross platform client side attacks would bear more fresh fruit. And successSmile


Edited by on 12-06-10 21:33
Author

RE: Backdoors and Security

4rm4g3dd0n
Member



Posts: 904
Location: Louisville,Ky
Joined: 09.10.07
Rank:
Active User
Posted on 13-06-10 01:12
Smile no bro as I stated i have done it that was the example on connection to site you can grab info through the header information such as useragent works well

HTTP_USER_AGENT:Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3

Windows system up there Windows NT 6.1 more specifically (windows 7 or windows server 2008) we can go more into those later

looking at the porn has no effect alone but as you know when you download the image file game movie whatever it is file wanted + extra (script threw background) unknown

threw my coding experiences I have found linux systems to be among the most easy to exploit i guess that there are more windows virii because there are more windows users though the mac seems to be the most secure even if hardcore linux type system users want it to be linux OSX unix based systems are truly in the lead of security (I don't know maybe it is becase of all the open source linux) Windows is the hardest hit because of the oceans of users.

besides the fact that I have already done it before maybe it was my program that led to research or even another who thinks like me I don't
want to take anyone's credit ( But I have expereimented a long time and would like to think I contributed) just stating that it possibly could have been one of my programs that led to this proof-of-concept article (which by the way dont have to be written in assembly Wink as for mine were different servers connecting to a single client anyway

quote: (“Even today, Web sites sending exploits to their visitors tend to detect what browser/platform the visitor is using and send a matching exploit to install some malware,”

http://www.comput. . .of_concept

there p-o-c dosen't seem to begin to go as far as mine but then again maybe it does and they don't want al to know the overall actual simplicity of the linux system



a1.sphotos.ak.fbcdn.net/hphotos-ak-snc6/285477_168984629836698_100001754862141_374762_5098511_n.jpg
All I Know Is That I Don't Know Nothing .... Operation Ivy



Edited by 4rm4g3dd0n on 13-06-10 17:37
c:/users