Hacking Techniques
Last Updated: 7/6/2013 11:13:58 PM



Hijacking

bu-2012.htm
1963 bytes. by Michal Zalewski (2010)
...because you can't get enough of clickjacking
Exploit   World Wide Web  

Net Scanning

pbs.c
3009 bytes. (1998)
Proxy Bounce Scanner
Net Scanning  
Bounce a portscan off a web proxy server, a la 'FTP bounce attack'
bt814.txt
7428 bytes. (2003)
Unix command line RPC/DCOM Vulnerability Scanner
Net Scanning   Unix   Windows  
portchk.c
4072 bytes. by Missnglnk
portchk.c
Audit Tool   Net Scanning   Linux   Solaris  
Takes either command line input or file input and checks whether a given port on a remote host is accessible.
pscan.c
14382 bytes. by Pluvius
pscan
Audit Tool   BSD/FreeBSD   Net Scanning   Linux  
TCP/UDP/NIS/RPC scanner.
findoms.c
2030 bytes. by P. McGinnis (1996)
findomains.c
Audit Tool   Net Scanning   Source Code   Unix  
findomains.c is a simple program to find the names associated with a class C worth of IPs.
propecia.c
1540 bytes. by bind (1999)
Propecia Port Scanner
Audit Tool   Net Scanning   Unix  
soupscan.c
4992 bytes. by Ambient Empire (1999)
Soup Port Scanner
Audit Tool   Net Scanning   Unix  
pscan1.c
8318 bytes. by jay
PScan Port Scanner
Audit Tool   Net Scanning   Unix  
sps.pl
2107 bytes. by MB
Simple Ping Sweep 1.0b
Net Scanning   Unix  
sps is a basic ping sweep utility. You can ping a single host, hosts from a file, or a range of IP addresses.
simpslth.c
10521 bytes. by Unyun
Simple Stealth 1.10
Net Scanning   Unix  
This is a simple half-open and stealth TCP port scanner. In half-open mode, this program can recognize the OS type of the target host.
slowscan.pl
11869 bytes. by Miff (1999)
Sl0scan
Net Scanning   Unix  
This port scanner is designed to spoof a port scan from multiple hosts, making it difficult for an IDS to discover which source is real and which are not.
statdscn.c
2405 bytes. by BiT (1997)
Statd Overflow Scanner
Audit Tool   Net Scanning   Linux  
This is a simple scanner written in C for quickly finding UNIX machines with a vulnerable rpc.statd. Statd is a program commonly associated with file locking for NFS (Network File System); in particular, it keeps 'state' for locked files in use on the shared filesystems. Statd has had a history of security issues, one of which is a buffer overrun in the portion of statd that takes information from rpc.lockd (the program which handles the actual file locking). Rpc.lockd is supposed to pass information to the status daemon (statd) to notify it which files it should be keeping state on. The problem arises because statd does not authenticate whether this information is actually coming from the lock daemon itself. Because the status daemon also has improper bounds checking, a user can send data to it (as if it were from the lock daemon) and trigger the buffer overflow in question.
defpsd.txt
7202 bytes. by Wyzewun (1999)
Defeating Portscan Detection
Net Scanning  

Wardialing

wardial.pdf
839108 bytes. by Kingpin (2000)
Wardialing Brief SCN:
Hacking  
wardetct.pdf
43188 bytes. by AT&T
Local Area Detection of Incoming War Dial Activity [AT&T] SCN:
Hacking  

Sniffing

readsmb2.c
9728 bytes. (2001)
SMB Sniffer SNF:

sniffing.htm
142768 bytes. (2000)
Sniffing FAQ SNF:
Frequently Asked Questions  
recons.txt
10459 bytes. by afx (2001)
Reconstructing Serialized Java Objects from Sniffer logs SNF:
Log Analysis  
krnsniff.c
12819 bytes. by Kossak
krnsniff 0.1a SNF:
Linux  
A Linux kernel based sniffer module whose purpose is to expose the dangers of a compromised system. It is virtually impossible to detect, if used with a module hider.

Fingerprinting

addrelay.txt
8655 bytes. (2003)
Address Relay Fingerprinting

footprnt.txt
11983 bytes. (2002)
Footprinting - How and why hackers gather information about systems
Hacking  

Spoofing and Phishing

ebayisap.htm
17633 bytes. by dm (2003)
Typical fake login page used by Phishers (identity thieves) operating on eBay users
Privacy   World Wide Web  
The "real" version of this page from eBay is normally not served over a secure connection (https://), so eBay's admonishments to look for a secure connection to assure that an eBay page is the real thing are rather pointless with this page. Also, although this example doesn't use the technique, it is possible in JavaScript to place a fake address in the address bar of the user's browser, hiding the real URL of this file and making eBay's advice to look for "https://cgi6.ebay/com....." likewise ineffective.
verify.htm
29684 bytes. by dm (2003)
Typical fake "information update" page used by Phishers to gain credit card and password information
Privacy   World Wide Web  
This page differs from a "real" eBay user verification page only in that the ACTION clause of the main form has been changed to the (fictitious) "www.myphishingsite.com" and calls a PHP file which presumably would process and log the victim's response and then give the user a "thanks for updating your information" page.

Backdooring/Rootkitting

trojans.txt
15930 bytes. (2002)
The latest Trojan Portlist
Backdoor  
comp_trj.txt
34677 bytes. (2000)
The Complete Trojans Text
Backdoor  
destru~1.doc
36352 bytes. by jockstrap (2002)
How to make a destructive trojan
Backdoor   Local: Sweden  
tuxkit.txt
13827 bytes. (2002)
Tuxkit Rootkit Analysis RKT:
Linux  
allabt.txt
16053 bytes. (2001)
All About Trojans
Backdoor  
abiit.txt
37551 bytes. (2001)
A Beginners Intro Into Trojaning
Backdoor  
hddtr.doc
103424 bytes. (2002)
PC On Time Bomb Trojan Virus info
Block Diagram  
rootkits.htm
28555 bytes. (2001)
"Root Kits" and hiding files/directories/processes after a break-in RKT:

trojanhk.doc
3046912 bytes. (2001)
Trojan Hacking
Backdoor  
0066.htm
23041 bytes. (2002)
Analysis of Litmus Backdoor Trojan
Block Diagram  
fakebo.htm
5597 bytes. by Groovy Pants Gus (1999)
FakeBO - Stack buffer overflow, execute arbitrary code, etc. BKI:
Advisory   Exploit   Windows  
boproto.htm
22165 bytes. (1999)
The Back Orifice Protocol! BKI:

blackibo.htm
7174 bytes. by M. DeMaria (2000)
BlackICE Defender 1.2 can fail to block Back Orifice traffic BKI:
Advisory   Windows  
fixbo13.txt
4687 bytes. (2000)
How to remove Back Orifice 1.3 from your system BKI:

fixbo20.txt
4001 bytes. (1999)
How to remove Back Orifice 2.0 from your system BKI:

fixbo2k.txt
4259 bytes. (2000)
How to remove Back Orifice 2000 (BO2K) from your system BKI:

lmbo.txt
1847 bytes. (1999)
About LmBO, a modified Back Orifice server BKI:

subsev-1.htm
1014 bytes. by A. Griffiths (2000)
SubSeven 2.1a Buffer Overflow BKI:
Advisory   Denial of Service  
s7genfaq.txt
15320 bytes.
SubSeven General FAQ BKI:
Frequently Asked Questions  
s7clifaq.txt
5607 bytes.
SubSeven Client FAQ BKI:
Frequently Asked Questions  
s7srvfaq.txt
5656 bytes.
SubSeven Server FAQ BKI:
Frequently Asked Questions  
s7edsfaq.txt
7302 bytes.
SubSeven EditServer FAQ BKI:
Frequently Asked Questions  
fix22.txt
1818 bytes. (2000)
Fixing SubSeven 2.2b1 BKI:

fix21.txt
4408 bytes. (2000)
Fixing SubSeven 2.1 - 2,1 Gold + SubStealth - 2.1.3 MUIE + 2.1 Bonus BKI:

fix20.txt
1220 bytes. (2000)
Fixing SubSeven 2.0 BKI:

fix19.txt
1469 bytes. (2000)
Fixing SubSeven 1.9 - 1.9b BKI:

fix18.txt
2776 bytes. (2000)
Fixing SubSeven 1.8 BKI:

fix17.txt
1122 bytes. (2000)
Fixing SubSeven 1.7 BKI:

fix16.txt
1363 bytes. (2000)
Fixing SubSeven 1.6 BKI:

fix13.txt
1072 bytes. (2000)
Fixing SubSeven 1.3 - 1.4 - 1.5 BKI:

fix10.txt
1144 bytes. (2000)
Fixing SubSeven 1.0 - 1.1 BKI:

portstrj.txt
15593 bytes. by von Braun Consulting, Simovits Consulting (2001)
Ports used by Trojans (the BEST list!) BKI:

trojlist.txt
7444 bytes. (2000)
A lengthy list of Trojans/Backdoors/RATs and the ports they open
Backdoor  
trjnport.txt
3660 bytes. (2000)
Another list of Trojans/Backdoors/RATs and the ports they open
Backdoor  
backdors.txt
19623 bytes. by Christopher Klaus (1997)
Backdoors BKI:

bo2k_dox.doc
207872 bytes. (1999)
Back Orifice 2000 Documentation - MS Word format
Backdoor   Windows  
bo2k.pdf
149429 bytes. (1999)
White Paper on Back Orifice 2000
Backdoor   Hacking  
naiema~1.htm
2415 bytes. (2000)
McAfee dropped NetBus from its scanner!
Backdoor   Hacking  
trojan~1.txt
22540 bytes. (2000)
Information on detecting various trojans
Backdoor   Hacking  
trojan~2.txt
7870 bytes. (2000)
Everything about Trojans and How to use their options
Backdoor   Hacking  
vas016.txt
4336 bytes. (1992)
A WORKING Turbo Pascal 6.0 Trojan
Hacking  
ports.txt
3301 bytes. (1999)
A list of the ports used by many backdoors
Backdoor   Hacking  
vas074.txt
4926 bytes. (1992)
About the corrupted FAT scrambler trojan
Backdoor   Hacking  
ciach047.txt
11119 bytes. (1997)
AOL4FREE COM Trojan Horse Program
Hacking  
ciacg003.txt
14898 bytes. (1996)
AOLGOLD Trojan
Hacking  
vas066.txt
6940 bytes.
About Santa's Logic Bomb
Hacking  
steroid.txt
2394 bytes. (1990)
About the Macintosh "Steroid" Trojan
Hacking  
backdo~1.txt
19623 bytes. (1997)
Backdoors: A discussion of many common backdoors and ways to check for them.
Backdoor   Hacking  
bo-bpfaq.txt
8715 bytes.
Back Orifice Buttplugs FAQ
Backdoor Acc.   Hacking   Frequently Asked Questions  
trojanb.txt
4283 bytes.
Beginners Guide to Trojans (no, not condoms)
Hacking  
ca-9901.txt
20679 bytes. (1999)
CERT Advisory 99-01 Trojan TCP Wrappers Tool
Hacking  
ca-9902.txt
20308 bytes. (1999)
CERT Advisory 99-02 Trojan Horses
Hacking  
ansibom2.txt
14567 bytes.
Creating ANSI bombs
Hacking   MS-DOS  
anti-bo.txt
7157 bytes.
Detecting and Removing Back Orifice from your system
Hacking  
bo-tut.txt
6478 bytes. (1999)
Harmless Back Orifice Tutorial
Hacking  
avindu~1.txt
12819 bytes. (1999)
How the A/V Industry works - Renderman's efforts to get an explanation why BO2K is "Bad" while PCAnywhere is "Good"
Hacking  
vas035.txt
7064 bytes. (1992)
How to make ANSI bombs
Hacking  
ciaca6.txt
3840 bytes. (1989)
Information about a trojan horse in Norton Utilities for IBM PCs and clones
Hacking  
ciaca10.txt
2812 bytes. (1989)
Information about the PC Cyborg (AIDS) Trojan Horse
Hacking  
boinfo.txt
6063 bytes. (1998)
Information about the cDc BackOrifice including how to detect if it is installed, how to remove it, and how to break the weak encryption that it uses.
Backdoor  
ciaci085.txt
12175 bytes. (1998)
MSIE Upgrade Trojan Horse Program
Hacking  
scan78tj.txt
6146 bytes. (1991)
McAfee Scan 78 is a trojan!
Hacking  
cyborg.txt
3378 bytes. (1989)
PC Cyborg Trojan
Hacking  
12tricks.txt
13287 bytes. (1990)
The "12 Tricks" Trojan
Hacking  
ciac-a1.txt
4786 bytes. (1989)
The Telnet Trojan
Hacking  
nukena~1.txt
351 bytes.
Turn Nukenabber into protection against Back Orifice and NetBus
Backdoor   Hacking  
anti-n~1.txt
695 bytes.
What to do if you accidentally click on the Netbus patch.
Backdoor   Hacking  
bodefeat.txt
4570 bytes. (1999)
Definitively defeat Back Orifice
Backdoor   Hacking  
differ~1.txt
4678 bytes.
About different kinds of Trojans
Backdoor   Hacking  
unixtr~1.txt
11610 bytes.
Unix Trojan Horses
Backdoor   Hacking   Unix  
shstroj.txt
3892 bytes. by indieboy (2002)
The possibility of hiding trojans in Shell Scraps - files with extensions that Windowz tries very hard to hide HAK
Windows  
ciacl077.txt
14467 bytes. by CIAC (2001)
CIAC L-077 - Glacier Backdoor
Advisory   Block Diagram  
trojpgpd.txt
3202 bytes. by Wyze1 (1999)
Creating Trojan PGPDisks
Backdoor  
tjwingat.txt
2838 bytes. by Wyzewun (2000)
Fun with "Trojan" Wingates
Backdoor   Windows   Proxy  


Site design & layout copyright © 1986-2014 THC