Month: September 2014

ACK Tunneling Trojans

– Arne Vidstrom, arne.vidstrom@ntsecurity.nu
Summary

Trojans normally use ordinary TCP or UDP communication between their client and server parts. Any firewall between the attacker and the victim that blocks incoming traffic will usually stop all trojans from working. ICMP tunneling has existed for quite some time now, but if you block ICMP in the firewall you’ll be safe from that. This paper describes another concept, that I call ACK Tunneling. ACK Tunneling works through firewalls that don’t apply their rule sets on TCP ACK segments (ordinary packet filters belong to this class of firewalls).

WinShell v5.0 £­ A finished telnet server for windows

Author : janker
Homepage: http://www.janker.org

About
=====
WinShell was a telnet server for windows platform. Main program was just a 5k bytes stand-alone executable file, Could run stably without any third dll, Although it was so thin, it had many of functions, such as custom port, password protect, muti-user logon, NT Service mode, download file£¬user-defined message, special anti-ddos and etc. Detail to see the following:

farm9 README.txt for cryptcat
09-22-2000

Thanks for downloading cryptcat

This is a simple modification to netcat to add twofish encryption.
netcat was origianally written by the l0pht (hobbit and weld pond).

The portion of the code written by farm9 is being released as Open Source.

See the file ‘farm9 Public License Agreement.txt’ for info on Open Source licensing.

Netcat 1.10=========== Netcat is a simple Unix utility which reads and writes dataacross network connections, using TCP or UDP protocol.It is designed to be a reliable "back-end" tool that canbe used directly or easily driven by other programs andscripts. At the same time, it is a feature-rich networkdebugging and exploration tool, since it can create almostany kind of connection you would need and has severalinteresting.....

sdbot 0.5b (test release) by [sd] =================================== web site: http://sdbot.n3.net/ e-mail: sdbot@mail.ru sonork id: 100.2600 icq: 21381594 irc: irc.lcirc.net, #sdbot how to edit the source file ----------------------------- extract the files from the zip into a folder, and look for a file called 'sdbot05b.c' (LCC/mingw) or 'sdbot05b.cpp' (MSVC++). these are source files for sdbot. the contents of both files are exactly the same, they are seperate.....

Hacker defender v0.7.3====================== Main---- Hacker defender v0.7.3 byHoly_Father <holy_father@phreaker.net> & Ratter/29A <ratter@atlas.cz>Copyright (c) 2000,forever ExEwORxbirthday: 10.01.2003home: http://rootkit.host.skBetatesters:ch0pper <THEMASKDEMON@flashmail.com>phj34r (sandstorm99@ziplip.com)ierdna (ierdna@go.ro)UnixDied Hacker defender is rootkit for Windows NT 4.0, Windows 2000 and Windows XP.Main code was written in Delphi 6. New functions are written in assembler.Backdoor and redirector clients are coded mostly in Delphi 6. program uses adapted LDE32LDE32, Length-Disassembler Engine, 32-bit, (x) 1999-2000 Z0MBiEspecial edition.....

========================

– Sub 7 2.1.5 –
– coded by mobman –
_ ReaDMe/Tutorial _
– by FuX0reD –
[ http://www.sub7.net ] ========================

Intro:
In this tutorial I, FuX0reD, will try to do as much hand-holding and will
try to be as THOROUGH as possible, AND IT WILL BE IN PLAIN ENGLISH (for
those people who dont know, or dislike to speak in english). As easy as it
is to figure out, some people still end up screwin up somehow, and infecting
their own asses and end up being 0wned by some other llahmas, so try to
understand these features as well as possible If you have anything to add to
this tutorial or you find something I’ve missed, please email me at
{ fux0red@devil.com }
Everyone’s Favorite Llahma and #SubSeven whore,
– FuX0reD