Honeypots mailing list archives
fdjack : Tool used by "cracker" inside a honeylux
From: Alexandre Dulaunoy <adulau () foo be>
Date: Fri, 20 Jun 2003 16:56:54 +0200
For your information, We got a cracker using "fdjack"[1] in order to monitor activities of the administrator or/and some other "cracker" on the same host. The version used seems to not be the same (seems to have more options) than the 2002 version. If you have somewhere the source code[2] of the modified version, don't hesitate to provide an url... Thanks, adulau [1] http://packetstormsecurity.nl/UNIX/misc/fdjack.tgz [2] The fun part is that the initial software is released under the GNU General Public License, so the rootkit distributed with the code should comply with the terms of the license ;-) but that's another story. -- -- Alexandre Dulaunoy (adulau) -- http://www.foo.be/ -- http://pgp.ael.be:11371/pks/lookup?op=get&search=0x44E6CBCD -- "Knowledge can create problems, it is not through ignorance -- that we can solve them" Isaac Asimov
Attachment:
_bin
Description:
Current thread:
- fdjack : Tool used by "cracker" inside a honeylux Alexandre Dulaunoy (Jun 20)