lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <CAPuhCB1grxU=OOzv6XFLc0rAUkQ+WBWBaZU4fnjArmDuGiUSTg@mail.gmail.com>
Date: Thu, 9 Feb 2012 00:15:26 +0000
From: mezgani ali <handrix@...il.com>
To: Levent Kayan <levonkayan@....net>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: trixd00r v0.0.1 - Advanced and invisible
 TCP/IP based userland backdoor

I was working on a backdoor kernel land, using netfilter =]

Kind regards,


On Wed, Feb 8, 2012 at 10:17 PM, Levent Kayan <levonkayan@....net> wrote:

> On 02/08/12 22:55, Kryton Jones wrote:
> > Is this something like Port Knocking ??
> you can see that kinda as port knocking yes.
>
> >
> > http://en.wikipedia.org/wiki/Port_knocking
> >
> >
> > On 09/02/2012, at 8:29 AM, Levent Kayan wrote:
> >
> >> Hi there,
> >>
> >> description
> >> ===========
> >> trixd00r is an advanced and invisible userland backdoor based on TCP/IP
> >> for UNIX systems. It consists of a server and a client. The server sits
> >> and waits for magic packets using a sniffer. If a magic packet arrives,
> >> it will bind a shell over TCP or UDP on the given port or connecting
> >> back to the client again over TCP or UDP. The client is used to send
> >> magic packets to trigger the server and get a shell.
> >>
> >> file can be found at: http://nullsecurity.net/tools.html
> >>
> >> a demonstration video can be found here:
> >> http://www.youtube.com/watch?v=Hs-nRUrnzwE (enjoy my pr0n)
> >>
> >>
> >> cheers,
> >> noptrix
> >> --
> >> Name: Levon 'noptrix' Kayan
> >> E-Mail: noptrix@...lsecurity.net
> >> GPG key: 0x014652c0
> >> Key fingerprint: ABEF 4B4B 5D93 32B8 D423 A623 823D 4162 0146 52C0
> >> Homepage: http://www.nullsecurity.net/
> >>
> >> _______________________________________________
> >> Full-Disclosure - We believe in it.
> >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> >> Hosted and sponsored by Secunia - http://secunia.com/
> >
> >
>
>
> cheers,
> noptrix
> --
> Name: Levon 'noptrix' Kayan
> E-Mail: noptrix@...lsecurity.net
> GPG key: 0x014652c0
> Key fingerprint: ABEF 4B4B 5D93 32B8 D423 A623 823D 4162 0146 52C0
> Homepage: http://www.nullsecurity.net/
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>



-- 
Ali MEZGANI
*N*etwork *E*ngineering/*S*ecurity
http://www.nativelabs.org/

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ