This code is a shell sniffer that logs keystrokes for bash 3.0.
9b35fdfae427711f593e60b66dab25db64fbb15c2814f7d9219d9aed5f0ee9e0This is a PHP shell that provides the ability to connect back, grab files, perform exploit searches for local roots and compile and run them, and much more.
9a58a31ca500190b10953b45211f622c7f926cd4e939781b4f99fae0213fad96This code is a backdoor for nginx. It provides remote shell access, SOCKS5 tunneling, and HTTP password sniffing and logging.
8f754357b61c73fe20efc8dd28b52d222feb812bbaf36bebdfee47e30d0ddfb1This is a simple PHP web shell backdoor.
aaad39e328e8da519232f1d7feb60cfd3c991f2aa486739cdba8df7d746a8994This is a reverse shell over SCTP implemented in Python. Currently it does not use SSL, but may evade most firewalls and IDS devices as many of them seemingly have no rules in place to check SCTP traffic.
6743f69ce173275310d5f2ffe1d1a49e6786c7abd202da271f4e6f25bd156590This is a simple PHP backdoor using HTTP headers to inject the code as opposed to a GET or POST variable. Uses the fictional "Code: " header as an example, for learning purposes. This is not production code.
397d3f851a08bef7d13138eedf2b87ab8e732b35f14514f58a2162c103188aabHackersh ("Hacker Shell") is a free and open source shell (command interpreter) written in Python with built-in security commands, and out-of-the-box wrappers for various security tools, using Pythonect as its scripting engine. Pythonect is a new, experimental, general-purpose high-level dataflow programming language based on Python. It aims to combine the intuitive feel of shell scripting (and all of its perks like implicit parallelism) with the flexibility and agility of Python.
c188aaa57fe58d3d722bde76e26f37d182dad24c2a123c3691f08b71d8849d85Usernamer is a penetration testing tool to generate a list of possible usernames/logins (ex: John Doe Doeson) for user enumeration or bruteforcing. This tool also supports text-files with one name per line as input.
75f2d3ac161fa0569232e5ce8b802ea530d7b3e34e503645d5c1cf8301c9a8ecPHPkit is a simple PHP based backdoor, leveraging include() and php://input to allow the attacker to execute arbitrary PHP code on the infected server. The actual backdoor contains no suspicious calls such as eval() or system(), as the PHP code is executed in memory by include().
9ae6f1db9ff8c94146491368c999d0b4d6a0a9cfe7316a6f72a899025250bf36This is a simple utility for exploiting command injection vulnerabilities in web applications. Supports POST and GET requests. Can deliver an "inline shell" or a (python) reverse shell.
2c82dcde1a7835fac49946c2d7c022271f0105c0e8c280133632994e909508cdPHPkit is a simple PHP based backdoor, leveraging include() and php://input to allow the attacker to execute arbitrary PHP code on the infected server. The actual backdoor contains no suspicious calls such as eval() or system(), as the PHP code is executed in memory by include().
3078b9daa99d887414dbe12584cdafa91a5f3554f05f8ad34cdf5d3ffe218a26PHPkit is a simple PHP based backdoor, leveraging include() and php:// input to allow the attacker to execute arbitrary PHP code on the infected server. The actual backdoor contains no suspicious calls such as eval() or system(), as the PHP code is executed in memory by include(). Includes a simple python client that gives a "shell" on the server.
a0b89f7413840636a73320699e779bec747d2127f4e7880708cb96dae4596056This is a mini-php backdoor shell. It has a PHP encoder/decoder, mail bombing functionality, reverse shell, cPanel cracker, and more.
27ad339a1514e347e845b24923cfcd49b2242e7c4f4111ce61e4b88048eb9c3eThis is a mini-php backdoor shell.
5ca862943a56fca9733eed2540342a6875fffe6804949d6179595f4a6df1aeeaLast Door is a utility written to wipe specific entries in arbitrary log files and if setuid, will also execute arbitrary commands without logging any history.
c77d9cd0a6f0cecd8e0186eae6512b85a7e83701893271954a6e51376756c1d1Unix/Darbe-A is a new kernel rootkit backdoor based in the /proc file system.
e25b0997b5091f37ef98994f27fe8bbbd761dbb249f79ecc16ff5c73bf2ba57eDNS 2 GeoIP is a simple python script that brute forces DNS and subsequently geolocates the found subdomains. It is useful for determining which services a company hosts off site or on site during a penetration test.
12f04939eaa592462e7f86a13519994bcc657009b29709b32e4d4208459afcf8This sample code is a reverse shell written in PHP with an authentication feature.
baa6da9a5a8a1d7c041facc10f0ed1b4c6b6b4431f46cb1460624911beda9e6bThis is a 64bit Mac OS-X kernel rootkit that uses no hardcoded address to hook the BSD subsystem in all OS-X Lion and below. It uses a combination of syscall hooking and DKOM to hide activity on a host. String resolution of symbols no longer works on Mountain Lion as symtab is destroyed during load, this code is portable on all Lion and below but requires re-working for hooking under Mountain Lion.
b104cfd2f826400eb9d8d5a81941ae270ed54b62ebfb9893fc474185b717dd60This archive contains web malware recovered from honeypots and other places. It includes various backdoors, bots, exploits, and more. Please note that many of the files ARE backdoored so you should exercise extreme caution and analyze them before any execution.
b5640ce9c2b5fa07e026765766d34a8d841fe1a2e49b829ad5ddb72b3996a63bUsernamer is a penetration testing tool to generate a list of possible usernames/logins (ex: John Doe Doeson) for user enumeration or bruteforcing. This tool also supports text-files with one name per line as input.
d656aaa36ab03c431f79667bb3f471fba5fe95f7551a441559af6383ccb21f62Weevely is a stealth PHP web shell that simulates a telnet-like connection. It is an essential tool for web application testing post exploitation, and can be used as a stealth backdoor web shell to manage legit web accounts, even free hosted ones. Is currently included in Backtrack and Backbox and other Linux distributions for penetration testing.
9ca1b6b62a4fcc57851e48e31b456e9ea711e0ef46b10cf39d3277547b450333NetcatPHPShell is a PHP backdoor that can be leveraged to launch a connect-back shell.
abba3db5d6d8d109c7a47018d57d39b218beaabd3f5704fd0bd207157668d4bdRootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.
a891c0b900417f2980f0e9afcdb10d1fd5581703be2587a92c90c7631b8814dcRopeADope is a log cleaning script for Linux.
0a538b3c9726137b26e026c1e69ab969caa3666fe2f0721b2dd11ca711fd1682
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed