Showing results for tags 'backdoor'.


  1. Sandman is an NTP-based backdoor for red team engagements in hardened networks. Sandman is a backdoor that is meant to work on hardened networks during red team engagements. Sandman works as a stager and leverages NTP (a protocol to sync time & date) to get and run an arbitrary shellcode from a pre-defined server. NTP is a protocol that is overlooked by many defenders, resulting in wide network accessibility.
  2. Powershell Backdoor Generator Reverse backdoor written in Powershell and obfuscated with Python. Allowing the backdoor to have a new signature after every run. Also can generate auto run scripts for Flipper Zero and USB Rubber Ducky. Features Hak5 Rubber Ducky payload Flipper Zero payload Download Files from remote system Fetch target computers public IP address List local users Find Interesting Files Get OS Information Get BIOS Information Get Anti-Virus Status Get Active TCP Clients Checks for common pentesting software installed usage: listen.py [-h] [--ip-address IP_ADDRESS] [--port PORT] [--random] [--out OUT] [--verbose] [--delay DELAY] [--flipper FLIPPER] [--ducky] [--server-port SERVER_PORT] [--payload PAYLOAD] [--list--payloads] [-k KEYBOARD] [-L] [-H] Powershell Backdoor Generator options: -h, --help show this help message and exit --ip-address IP_ADDRESS, -i IP_ADDRESS IP Address to bind the backdoor too (default: 192.168.X.XX) --port PORT, -p PORT Port for the backdoor to connect over (default: 4444) --random, -r Randomizes the outputed backdoor's file name --out OUT, -o OUT Specify the backdoor filename (relative file names) --verbose, -v Show verbose output --delay DELAY Delay in milliseconds before Flipper Zero/Ducky-Script payload execution (default:100) --flipper FLIPPER Payload file for flipper zero (includes EOL conversion) (relative file name) --ducky Creates an inject.bin for the http server --server-port SERVER_PORT Port to run the HTTP server on (--server) (default: 8080) --payload PAYLOAD USB Rubber Ducky/Flipper Zero backdoor payload to execute --list--payloads List all available payloads -k KEYBOARD, --keyboard KEYBOARD Keyboard layout for Bad Usb/Flipper Zero (default: us) -A, --actually-listen Just listen for any backdoor connections -H, --listen-and-host Just listen for any backdoor connections and host the backdoor directory
  3. Obfuscated powershell reverse backdoor with Flipper Zero and USB Rubber Ducky payloads. Reverse backdoor written in Powershell and obfuscated with Python. Allowing the backdoor to have a new signature after every run. Also can generate auto run scripts for Flipper Zero and USB Rubber Ducky. Features Hak5 Rubber Ducky payload Flipper Zero payload Download Files from remote system Fetch target computers public IP address List local users Find Interesting Files Get OS Information Get BIOS Information Get Anti-Virus Status Get Active TCP Clients Checks for common pentesting software installed
  4. Villain is a Windows & Linux backdoor generator and multi-session handler that allows users to connect with sibling servers (other machines running Villain) and share their backdoor sessions, handy for working as a team. The main idea behind the payloads generated by this tool is inherited from HoaxShell. One could say that Villain is an evolved, steroid-induced version of it. [hide][Hidden Content]]
  5. Sandman is a backdoor that is meant to work on hardened networks during red team engagements. Sandman works as a stager and leverages NTP (a protocol to sync time & date) to get and run an arbitrary shellcode from a pre-defined server. NTP is a protocol that is overlooked by many defenders, resulting in wide network accessibility. Capabilities Getting and executing an arbitrary payload from an attacker’s controlled server. Can work on hardened networks since NTP is usually allowed in FW. Impersonating a legitimate NTP server via IP spoofing. Setup SandmanServer (Setup) Python 3.9 Requirements are specified in the requirements file.
  6. Linux backdoor, rootkit, and eBPF bypass tools. Remote command execution over raw TCP. Tested on Linux kernel 5.16 Tested on Linux kernel 5.17 Remote code execution over TCP (SSH, Nginx, Kubernetes, etc) Network gateway bypass (bad checksums, TCP reset) Self obfuscation at runtime (eBPF process hiding) Changelog v1.4 More improvements to code (docs, stability, etc) Client now supports -x for SYN only mode [hide][Hidden Content]]
  7. Summary Gel4y Webshell is a backdoor built using the PHP programming language with the PHP procedural method in stealth mode where the file size will not exceed 15KB. Each function has been converted into a hex code to allow this webshell to penetrate the WAF (Firewall) server system. Features Multiple File Upload Create Folder and File File Download Bypassed 403 Forbidden 406 Not Acceptable Imunify360 [hide][Hidden Content]]
  8. Some useful options cls clear console. --s {file or folder} search on disk. Use --v to verbose mode --s --v {file or folder}. To search with full path --s --ff {full path} (e.g --s --f C:/Web/*.txt). --d {file} download file. --t terminate ( Delete all logs and current backdoor ) --p {command} run powershell command --info download phpinfo
  9. Features CMD - Command Execute commands Zone H Notifier Mass/Single Mirror Site on Zone H Notifier Back Connector Reverse Shell with following payload (PHP, RUBY, PERL, PYTHON, NETCAT) credits to my friend bloos3rpent. Mass Defacement Mass deface sites all folders on the same server [hide][Hidden Content]]
  10. Naikon APT Group is now using Nebulae Backdoor. Hey Learners, we are back with another awesome thing, and sorry about discontinuing the consistency of articles. Naikon, a cyberespionage group from China, has been actively employing a new backdoor for multiple cyberespionage operations targeting military organizations in Southeast Asia. The backdoor, identified as Nebulae, is used for gaining persistence on infected systems. What has been discovered? Malicious activity was conducted by Naikon APT between June 2019 and March 2021. At the beginning of its operation in 2019, the APT had used the Aria-Body loader and Nebulae as the first stage of the attack. Starting September 2020, the APT group included the RainyDay backdoor in its toolkit, while the attribution to Naikon is based on C2 servers and artifacts utilized in its attacks. The APT group now delivers RainyDay (aka FoundCore) as a first-stage payload to propagate second-stage malware and tools, including the Nebulae backdoor. What is Nebulae? It has the ability to collect LogicalDrive info, manipulate files and folders, download and upload files from and to the C2 server, and terminate/list/execute processes on infected devices. In addition, the malware adds a registry key that automatically runs the malicious code on system reboots after login. It is used as a backup access point for the victim in case of an adverse scenario for actors. Conclusion: Naikon APT group has been running the operation silently for two years and has launched multiple cyberespionage operations. Moreover, the group has been active since 2010 and still poses a severe threat to several military organizations in Southeast Asia. Thus, security agencies and professionals need to keep a strict eye on this threat.
  11. A backdoor is a tool used to gain remote access to a machine. Typically, backdoor utilities such as NetCat have 2 main functions: to pipe remote input into cmd or bash and output the response. This is useful, but it is also limited. BetterBackdoor overcomes these limitations by including the ability to inject keystrokes, get screenshots, transfer files, and many other tasks. Features BetterBackdoor can create and control a backdoor. This created backdoor can: Run Command Prompt commands Run PowerShell scripts Run DuckyScripts to inject keystrokes Exfiltrate files based on the extension Exfiltrate Microsoft Edge and WiFi passwords Send and receive files to and from the victim’s computer Start a KeyLogger Get a screenshot of the victim’s computer Get text copied to victim’s clipboard Get contents from a victim’s file (cat) This backdoor uses a client and server socket connection to communicate. The attacker starts a server and the victim connects to this server as a client. Once a connection is established, commands can be sent to the client in order to control the backdoor. To create the backdoor, BetterBackdoor: Creates ‘run.jar’, the backdoor jar file, and copied it to directory ‘backdoor’. Appends a text file containing the server’s IPv4 address to ‘run.jar’. If desired, copies a Java Runtime Environment to ‘backdoor’ and creates batch file ‘run.bat’ for running the backdoor in the packaged Java Runtime Environment. To start the backdoor on a victim PC, transfer all files from the directory ‘backdoor’ onto a victim PC. If a JRE is packaged with the backdoor, execute run.bat, otherwise execute run.jar. This will start the backdoor on the victim’s PC. Once running, to control the backdoor you must return to BetterBackdoor and run option 1 at the start while connected to the same WiFi network as the victim’s computer. Changelog v1.14 Added an option to encrypt data sent to and from the backdoor. [hide][Hidden Content]]
  12. Cross-platform backdoor using DNS TXT records. What is ddor? ddor is a cross-platform lightweight backdoor that uses txt records to execute commands on infected machines. Features Allows a single txt record to have separate commands for both Linux and Windows machines List of around 10 public DNS servers that it randomly chooses from Unpredictable call back times Encrypts txt record using xor with custom password Linux Features: Anti-Debugging, if ptrace is detected as being attached to the process it will exit. Process Name/Thread names are cloaked, a fake name overwrites all of the system arguments and file name to make it seem like a legitimate program. Automatically Daemonizes Tries to set GUID/UID to 0 (root) Windows Features: Hides Console Window Stub Size of around 20kb
  13. Arcane Arcane is a simple script designed to backdoor iOS packages (iphone-arm) and create the necessary resources for APT repositories. It was created for this publication to help illustrate why Cydia repositories can be dangerous and what post-exploitation attacks are possible from a compromised iOS device. [hide][Hidden Content]]
  14. BetterBackdoor A backdoor is a tool used to gain remote access to a machine. Typically, backdoor utilities such as NetCat have 2 main functions: to pipe remote input into cmd or bash and output the response. This is useful, but it is also limited. BetterBackdoor overcomes these limitations by including the ability to inject keystrokes, get screenshots, transfer files, and many other tasks. Features BetterBackdoor can create and control a backdoor. This created backdoor can: Run Command Prompt commands Run PowerShell scripts Run DuckyScripts to inject keystrokes Exfiltrate files based on the extension Exfiltrate Microsoft Edge and WiFi passwords Send and receive files to and from the victim’s computer Start a KeyLogger Get a screenshot of the victim’s computer Get text copied to victim’s clipboard Get contents from a victim’s file (cat) This backdoor uses a client and server socket connection to communicate. The attacker starts a server and the victim connects to this server as a client. Once a connection is established, commands can be sent to the client in order to control the backdoor. To create the backdoor, BetterBackdoor: Creates ‘run.jar’, the backdoor jar file, and copied it to directory ‘backdoor’. Appends a text file containing the server’s IPv4 address to ‘run.jar’. If desired, copies a Java Runtime Environment to ‘backdoor’ and creates batch file ‘run.bat’ for running the backdoor in the packaged Java Runtime Environment. To start the backdoor on a victim PC, transfer all files from the directory ‘backdoor’ onto a victim PC. If a JRE is packaged with the backdoor, execute run.bat, otherwise execute run.jar. This will start the backdoor on the victim’s PC. Once running, to control the backdoor you must return to BetterBackdoor and run option 1 at the start while connected to the same WiFi network as the victim’s computer. Changelog v1.13.1 Updated documentation Changed package name Fixed a bug with removing files [hide][Hidden Content]]
  15. BetterBackdoor A backdoor is a tool used to gain remote access to a machine. Typically, backdoor utilities such as NetCat have 2 main functions: to pipe remote input into cmd or bash and output the response. This is useful, but it is also limited. BetterBackdoor overcomes these limitations by including the ability to inject keystrokes, get screenshots, transfer files, and many other tasks. Features BetterBackdoor can create and control a backdoor. This created backdoor can: Run Command Prompt commands Run PowerShell scripts Run DuckyScripts to inject keystrokes Exfiltrate files based on the extension Exfiltrate Microsoft Edge and WiFi passwords Send and receive files to and from the victim’s computer Start a KeyLogger Get a screenshot of the victim’s computer Get text copied to victim’s clipboard Get contents from a victim’s file (cat) This backdoor uses a client and server socket connection to communicate. The attacker starts a server and the victim connects to this server as a client. Once a connection is established, commands can be sent to the client in order to control the backdoor. To create the backdoor, BetterBackdoor: To start the backdoor on a victim PC, transfer all files from the directory ‘backdoor’ onto a victim PC. If a JRE is packaged with the backdoor, execute run.bat, otherwise execute run.jar. This will start the backdoor on the victim’s PC. Once running, to control the backdoor you must return to BetterBackdoor and run option 1 at the start while connected to the same WiFi network as the victim’s computer. Changelog v1.13 When running command prompt commands, the working directory is now consistent. [HIDE][Hidden Content]]
  16. BetterBackdoor A backdoor is a tool used to gain remote access to a machine. Typically, backdoor utilities such as NetCat have 2 main functions: to pipe remote input into cmd or bash and output the response. This is useful, but it is also limited. BetterBackdoor overcomes these limitations by including the ability to inject keystrokes, get screenshots, transfer files, and many other tasks. Features BetterBackdoor can create and control a backdoor. This created backdoor can: Run Command Prompt commands Run PowerShell scripts Run DuckyScripts to inject keystrokes Exfiltrate files based on the extension Exfiltrate Microsoft Edge and WiFi passwords Send and receive files to and from the victim’s computer Start a KeyLogger Get a screenshot of the victim’s computer Get text copied to victim’s clipboard Get contents from a victim’s file (cat) This backdoor uses a client and server socket connection to communicate. The attacker starts a server and the victim connects to this server as a client. Once a connection is established, commands can be sent to the client in order to control the backdoor. To create the backdoor, BetterBackdoor: Creates ‘run.jar’, the backdoor jar file, and copied it to directory ‘backdoor’. Appends a text file containing the server’s IPv4 address to ‘run.jar’. If desired, copies a Java Runtime Environment to ‘backdoor’ and creates batch file ‘run.bat’ for running the backdoor in the packaged Java Runtime Environment. To start the backdoor on a victim PC, transfer all files from the directory ‘backdoor’ onto a victim PC. If a JRE is packaged with the backdoor, execute run.bat, otherwise execute run.jar. This will start the backdoor on the victim’s PC. Once running, to control the backdoor you must return to BetterBackdoor and run option 1 at the start while connected to the same WiFi network as the victim’s computer. 
      Changelog v1.12.0 Added a feature where if multiple clients attempt to connect to the attacking computer, the user is prompted to select which client to connect to
  17. BetterBackdoor A backdoor is a tool used to gain remote access to a machine. Typically, backdoor utilities such as NetCat have 2 main functions: to pipe remote input into cmd or bash and output the response. This is useful, but it is also limited. BetterBackdoor overcomes these limitations by including the ability to inject keystrokes, get screenshots, transfer files, and many other tasks. Features BetterBackdoor can create and control a backdoor. This created backdoor can: Run Command Prompt commands Run PowerShell scripts Run DuckyScripts to inject keystrokes Exfiltrate files based on the extension Exfiltrate Microsoft Edge and WiFi passwords Send and receive files to and from the victim’s computer Start a KeyLogger Get a screenshot of the victim’s computer Get text copied to victim’s clipboard Get contents from a victim’s file (cat) This backdoor uses a client and server socket connection to communicate. The attacker starts a server and the victim connects to this server as a client. Once a connection is established, commands can be sent to the client in order to control the backdoor. To create the backdoor, BetterBackdoor: Creates ‘run.jar’, the backdoor jar file, and copied it to directory ‘backdoor’. Appends a text file containing the server’s IPv4 address to ‘run.jar’. If desired, copies a Java Runtime Environment to ‘backdoor’ and creates batch file ‘run.bat’ for running the backdoor in the packaged Java Runtime Environment. To start the backdoor on a victim PC, transfer all files from the directory ‘backdoor’ onto a victim PC. If a JRE is packaged with the backdoor, execute run.bat, otherwise execute run.jar. This will start the backdoor on the victim’s PC. Once running, to control the backdoor you must return to BetterBackdoor and run option 1 at the start while connected to the same WiFi network as the victim’s computer. 
      Changelog v1.11 - Added zip and unzip commands - Added directory transferring - When running ‘exfiles’ or ‘expass’ exfiltrated files/passwords are immediately sent to the attacking computer - Added the choice to select where keystrokes should be logged when the backdoor is not running from the C drive - Fixed an error with FTP some users were experiencing
  18. BetterBackdoor A backdoor is a tool used to gain remote access to a machine. Typically, backdoor utilities such as NetCat have 2 main functions: to pipe remote input into cmd or bash and output the response. This is useful, but it is also limited. BetterBackdoor overcomes these limitations by including the ability to inject keystrokes, get screenshots, transfer files, and many other tasks. Features BetterBackdoor can create and control a backdoor. This created backdoor can: Run Command Prompt commands Run PowerShell scripts Run DuckyScripts to inject keystrokes Exfiltrate files based on the extension Exfiltrate Microsoft Edge and WiFi passwords Send and receive files to and from the victim’s computer Start a KeyLogger Get a screenshot of the victim’s computer Get text copied to victim’s clipboard Get contents from a victim’s file (cat) This backdoor uses a client and server socket connection to communicate. The attacker starts a server and the victim connects to this server as a client. Once a connection is established, commands can be sent to the client in order to control the backdoor. Changelog v1.10 Added usage over WAN with port forwarding [HIDE][Hidden Content]]
  19. BetterBackdoor A backdoor is a tool used to gain remote access to a machine. Typically, backdoor utilities such as NetCat have 2 main functions: to pipe remote input into cmd or bash and output the response. This is useful, but it is also limited. BetterBackdoor overcomes these limitations by including the ability to inject keystrokes, get screenshots, transfer files, and many other tasks. Features BetterBackdoor can create and control a backdoor. This created backdoor can: Run Command Prompt commands Run PowerShell scripts Run DuckyScripts to inject keystrokes Exfiltrate files based on extension Exfiltrate Microsoft Edge and WiFi passwords Send and receive files to and from victim's computer Start a KeyLogger Get a screenshot of victim's computer Get text copied to victim's clipboard Get contents from a victim's file (cat) Install & Use [HIDE][Hidden Content]]
  20. Cross-platform backdoor using DNS TXT records. What is ddor? ddor is a cross-platform lightweight backdoor that uses txt records to execute commands on infected machines. Features Allows a single txt record to have separate commands for both Linux and Windows machines List of around 10 public DNS servers that it randomly chooses from Unpredictable call back times Encrypts txt record using xor with custom password Linux Features: Anti-Debugging, if ptrace is detected as being attached to the process it will exit. Process Name/Thread names are cloaked, a fake name overwrites all of the system arguments and file name to make it seem like a legitimate program. Automatically Daemonizes Tries to set GUID/UID to 0 (root) Windows Features: Hides Console Window Stub Size of around 20kb
  21. Dabman and Imperial Web Radio Devices suffer from undocumented telnet backdoor and command execution vulnerabilities.
  22. Maybe it is a stupid question, but I can't find the answer. Do I need a network adapter to use backdoor on Kali Linux + vbox?
  23. This Project Developed For 2 Reasons First " Help Beginners to learn coding . " Second " Help Newbie Servers Managers To Learn New Protection Tricks " Requirements PHP PHP CUrl OS Linux [HIDE][Hidden Content]]
  24. Clever Dog Smart Camera types DOG-2W and DOG-2W-V4 suffer from file disclosure, default telnet backdoor credential, and insecure transit vulnerabilities.