> Tools > Backdoor

Backdoors and rootkits for kernel and userland, network, hardware and software. Once you have gone through all the hard work making sure you can get on the system. Make sure you can always get back in.

Date File Description Version Author
04-13-2020 fbkit-0.0.1.tar.gz A very old FreeBSD kernel rootkit. Works for FreeBSD 7.* and 8.*.

0.0.1 noptrix
02-01-2015 mbr_store-1.0.tar.gz This tool stores up to 426 bytes in the MBR's bootloader code section of unused devices such as usb drivers, hrd disks (which are not supposed to boot) and other media. GRUB detection is implemented for safety reasons, Windows bootloader code will be shamelessly overwritten. ;)

1.0 atzeton
02-01-2015 u3-pwn-2.0.tar.gz U3-Pwn is a tool designed to automate injecting executables to Sandisk smart usb devices with default U3 software install. This is performed by removing the original iso file from the device and creating a new iso with autorun features.

2.0 Zy0d0x
02-01-2015 rubilyn-0.0.1.tar.gz 64bit Mac OS-X kernel rootkit that uses no hardcoded address to hook the BSD subsystem in all OS-X Lion & below. It uses a combination of syscall hooking and DKOM to hide activity on a host. String resolution of symbols no longer works on Mountain Lion as symtab is destroyed during load, this code is portable on all Lion & below but requires re-working for hooking under Mountain Lion.

0.0.1 prdelka
02-01-2015 trixd00r-0.0.1.tar.gz trixd00r is an advanced and invisible userland backdoor based on TCP/IP for UNIX systems. It consists of a server and a client. The server sits and waits for magic packets using a sniffer. If a magic packet arrives, it will bind a shell over TCP or UDP on the given port or connecting back to the client again over TCP or UDP. The client is used to send magic packets to trigger the server and get a shell.

0.0.1 noptrix
Join our Matrix channel #nullsecurity.net:matrix.org
Visitor since Nov 2011