Re: trixd00r v0.0.1 - Advanced and invisible TCP/IP based userland backdoor

[Levent Kayan <levonkayan () gmx net>]

On 02/08/12 22:55, Kryton Jones wrote:
> Is this something like Port Knocking ??
you can see that kinda as port knocking yes.

> http://en.wikipedia.org/wiki/Port_knocking
>
>
> On 09/02/2012, at 8:29 AM, Levent Kayan wrote:
>
> > Hi there,
> >
> > description
> > ===========
> > trixd00r is an advanced and invisible userland backdoor based on TCP/IP
> > for UNIX systems. It consists of a server and a client. The server sits
> > and waits for magic packets using a sniffer. If a magic packet arrives,
> > it will bind a shell over TCP or UDP on the given port or connecting
> > back to the client again over TCP or UDP. The client is used to send
> > magic packets to trigger the server and get a shell.
> >
> > file can be found at: http://nullsecurity.net/tools.html
> >
> > a demonstration video can be found here:
> > http://www.youtube.com/watch?v=Hs-nRUrnzwE (enjoy my pr0n)
> >
> >
> > cheers,
> > noptrix
> > -- 
> > Name: Levon 'noptrix' Kayan
> > E-Mail: noptrix () nullsecurity net
> > GPG key: 0x014652c0
> > Key fingerprint: ABEF 4B4B 5D93 32B8 D423 A623 823D 4162 0146 52C0
> > Homepage: http://www.nullsecurity.net/
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/


cheers,
noptrix
-- 
Name: Levon 'noptrix' Kayan
E-Mail: noptrix () nullsecurity net
GPG key: 0x014652c0
Key fingerprint: ABEF 4B4B 5D93 32B8 D423 A623 823D 4162 0146 52C0
Homepage: http://www.nullsecurity.net/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/