2004 Hacker Recommendation Tool CGI Back Door:
CGI website back door CGI web pages, envymask write ... "
The web merger this program can automatically generate a web page, you can synthesize a new web page for web pages, and automatically run the Exe file while opening the web page. You will merge the Trojan in a web page, others are browsing, huh, I didn't say anything. ~~~
Haiyang Top Trojans will never be killing Trojans, because it is made with ASP, is also an ASP online elevated web editing software, support online changes, editing, deleting any text file, and most The important thing is to solve the problemless ASP upload ... (Chinese version
CGI-Backdoor Several CGI Trojans (more than ten kinds of web scripts that use the latest vulnerabilities, cover JSP, PHP, ASP, CGI, etc.) *
Post-order door class
Winshell
Winshell is a Telnet server software running on the Windows platform. The main program is a executable of only 5K, which can be performed independently without relying on any system dynamic connection library. Although it is small, it is very functional, support Customized port, password protection, multi-user login, NT service method, remote file download, information customization, and unique anti-DDoS feature, "Invasion NT WINSHELL Used"
Gina
The main role of Gina Trojan is to log in to the file in the name, login password, etc. when the system user logs in, because this DLL is loaded when logging in, so there is no icon, which is a Chinese name in the user name or The domain name is Chinese, etc. can't get users ... Confucianism
Wollf1.5 we write software, extended Telnet service, integrated file transfer, FTP server, keyboard record, Sniffer (for win2k only), port forwarding and other functions, reverse connection, can pass parameter selection with system Start or start as a normal process
Wineggdrop Shell 1.50 Final Edition in an extension Telnet back door program {China's strongest back door}
Rookie scanning software!
20CN IPC Scanner official version
Fully automatic IPC scanner, can be integrated into Trojans synchronously, can detect some users who are not configured by the full firewall through the part, can detect some users who can not detect the stream light ... (Chinese version)
Network broiler hunter
Gadgets for fast finding web broilers
Web information show makes the webpage no longer secret, various information at a glance, what movie, pictures, email addresses, articles, flash, compressed files, executable files ... and more links are now available! Successfully download a variety of software, package tutorial, VB, VC, animation tutorial, flash, movie, photo picture
SQL2.EXE SQL is ambitious, this is the vulnerability!
Netscantools a powerful network kit ... (English version)
Dvbbs.exe
Mobile network logout.asp utilization
THCSQL
The attack programs of the MSSQL OpenDataSource Function Vulnerability discovered by David Litchfield, in the inner source code.
Little purple V2.0 recovery version
* Small purple * (LB Forum Nightmare) V2.0 Edition Add LB.exe to get the forum administrator privilege.
LB5 Forum bomber
My brother writes the program, {Push}
LB5 Forum Bomber Revision 2.5 In the original function of the LB5 Forum Bomber Revised 2.0, the following functions and features are added: 1 Support 6 thread bombings, speed can be more than double the speed than V2.0 double 2 machine intelligence re-increase, with automatic Steering positioning function 3 Increase the monitor window 4 title can be changed ...
MSN Message Attack Machine
This is a message attack machine for MSN Messenger (in fact, it is not limited to MSN), which has a super fast attack speed, according to the test, can reach 5 / sec in ordinary Pentium 200 MMX attack speed. And the software size is very small, effective saving system resources ... (Weird Dog Dedicated version 3389 Lander I changed a small program, there is a username password, use it to log in to the WIN system 3389, (must)
DameWare NT Utilities
A powerful Windows NT / 2000 / XP server remote control software, as long as you have a remote host's management account, you can use it to log in to the interactive control host in remote GUI ... (English) "
Pursue: Find the location of IP!
Willow
This small software can list all system processes (including hidden) and kill the process. This is a shared software ... (Chinese version) "Let the Legend Trojan walk away"
XDebug Ey4S Big Brother Write Windows 2000 Kernel Exploit, it is simple to upgrade the permissions!
Agent's fox can get the latest agent, used to hide true IP, but have the best to make a proxy safe on meat machine!
HACKERDICBUILDER This software is a dictionary production tool, according to the habit of setting passwords, using thread technology, generating dictionary files ... (Chinese version) multi-friend
Scanipc This is the most foolish intrusion software that wood has seen. As long as you set the backdoors and IP range you want to upload, it will start working, the interface is simple and practical, the fully automatic IPC scanner can be used to implant the Trojan, You can detect some users who can't detect through the part without configuring a complete firewall.
Tiny Honeypot This is a simple honeypot program, mainly based on iptables redirection and a xinetd listener, which monitors all the activity information that is currently not used, and provides some return information to the intruder. The response section is written in the Perl program, which provides enough interaction information to fool most of the automatic attack tools and small partial intruders. By default, the program can be installed on the product host, and hardly affect the performance of the host (application platform Linux / POSIX)
ClearLog is used to delete Windows NT / 2K / XP WWW and FTP security log files, usually in invading a server to avoid tracking, using this method to eliminate IP records ... "Invasion Raiders"
LC4 can detect whether the user uses an unsafe password, is the best, the fastest Win NT / 2000 WorkStations password crack tool, which is the latest version. It claims that: less than 48 hours on the P300 machine can be broken 90% Super User (Admin) password. 18% can be broken in less than 10 minutes ...
Dictator DDOS tool, this software is too powerful, not bad, otherwise it may enter prison!
LocatorHack.exe MS Locator! Formuerypacket.wcscpy remote overflow tool is as powerful as WebDAV vulnerabilities. Microsoft Windows Locator Service Remote Buffer Overflow Vulnerability
TFTPD32.EXE graphic TPTP tool, there is no tool such as a hacker, saying that it can't go!
In the IIS5SP3 description, IIS5 installed SP3 overflow successfully, anyway, I didn't succeed in SP3!
SMBRELAY.EXE You can get a NT password has been used with web pages! {Push} IECOOKIESVIEW 1.5 can rewrite the cookies information, there is a tool for cookies deception,
Hackpass.exe, md5.exe cracking the software of the MD5 password ~!
DvgetPass.exe mobile network Tongji.asp vulnerability utilization tool, you can get the forum administrator privilege, then upload an ASP Trojan! Oh, just ~~~~
WebADV's overflow success rate for IIS SP3 (SYSTEM permissions after overflow!) *
R_ WebAdv can use version of WebDAV vulnerability to use tools! I heard that Japan, the traditional is used,
IPScan large-scale network segment fast IPC $ guess
SVC Remote Installation / Delete Win2K Service
3389.vbs Remote installation Win2K terminal service does not need I386
ARPSNIFFER ARP Environment Sniffer (requires WinPCAP2.1 or more) *
ASCII query character and digital ASCII code (often used to encode URL to avoid IDS or script filtering)
CA Remote Cloning Account
CCA checks if there is a cloning account
CRACKVNC remote / local crack WinVNC password (local cost -w parameter)
Pass.dic Password Dictionary
DEBPLOIT WIN2K SP2 Configuring Excellent Lifting Tools
FPIPE port redirection tool
FScan SuperScan Command Line (source port when scanning, support UDP port scan) *
HGOD04 DDoS Apot
Idahack IDA overflow
IDQ.DLL uses ISAPI vulnerability to improve permissions (very valid for SP0 SP1 SP2, is also a great web back door)
IIS IDQ overflow
Inst.zip specifier installation is Win2K service *
IP_mail.rar Software Sending Host Dynamic IP *
IPC.vbs does not rely on IPC $ to open Telnet
ISPC.EXE IDQ.DLL Connection Client
KeyGhost.zip genuine keyboard logger
Log.vbs log clearance (remote clearance does not depend on IPC $)
Msadc.pl Winnt MSADC vulnerability overflow *
MSSQLHACK MSSQL Overflow Procedure 1
MySQL-Client MySQL client
Name.dic's most commonly used Chinese user name (see the user name you usually use is not inside)
Passsniffer size only 3kb non-switch Sniffer software *
p *** EC directly logs in to the host through IPC pipelines
Pskill killing process master
PSList column process master
The Chinese version of WinRAR in the RAR command line (function is quite comprehensive) *
Reboot.vbs Remotely restarts the host's script
SDEMO.ZIP Giant Screen Shooting Video Software
Shed Remote Find Win9X Share Resources
SID uses SID column username
SKSERVERGUI SNAKE Multiple Agent Software
SKSOCKSERVER SNAKE Agent
SMBCRACK is a test prototype developed by a stream 5, and the conventional SMB (shared) violent crack tool is different, and there is no system's API, but the use of SMB protocols. Windows 2000 can make multiple passwords to test multiple passwords in the same session ... "Invasion of the Raiders"
SOCKS uses this tool to install Trojan, even if the gateway reresses the hard drive Trojan is also 嘿嘿 *
Sockscap translates SOCKS5 agent into universal agent
SPC.zip can directly display the remote Win98 shared resource password in Dongdong *
WMIHACK is based on WMI service, the account password (does not need IPC)
Skmontor Snake Registry Monitor (Tool)
SQL1.EXE MSSQL Overflow Program 2
SQL2.EXE MSSQL Overflow Program 3
SQLEC MSSQL client
Excellent scanner for the SuperScan GUI interface
SYN SYN attacks the first master
UPX120 superior compression software, commonly used to compress the Trojan to avoid the HTTP download software in the Wget command line
Win2kpass2 win2k password thief
WinNuke attacks the software of the RPC service (Win2KSP0 / 1/2/3 WinNT WinXP system is unstable)
Smbnuke's software (Win2KSP0 / 1/2/3 Winnt WinXP system crash)
WinPCAP_2_3 nmap, arpsniffer, etc.
WinPCAP_2_3_nogui.exe No installation interface automatically installed WinPCAP_2_3 (Command Line) *
Scanbaby2.0 can use the vulnerability column password crack (cool, go to the RFC in the RFC, there is a Mail Weak point description) *
Superdic_v31 Very comprehensive hacking dictionary generator
GetMin Win2K SP3 Configuration Permissions Enhancement Program (Not bad !!!) *
Whoami is a permission
FSSniffer Giant Non-Switched Sniffer Tools
Twwscan command lines the giant CGI scanner
TFTPD32 is a host pass file for the distant TFTP service (of course there is a shell)
RangeScan custom CGI vulnerability GUI scanner
PWDUMP2 local catching the WinNT / 2K password quota (indispensable)
PWDUMP3 Remote Grasping WinNT / 2K Password Ratings (Nota)
ProceXPNT View System Process and Port Association (GUI Interface) *
NC is not a simple Telnet client.
CMD.txt has any cmd command does not understand?
View the system process and port associations (no procexpnt strong in the GUI interface) without the GUI interface
Brutusa2 full-featured password crack software, support Telnet, FTP, HTTP, etc. password crack
CMD.REG file name automatically complements the REG file (command line: Press the Tab button to automatically make SYS to System, then change to system32)
Registry editor under the regshell command line
Nscopy Backup Man Tool (when you are a user of the Backup Operators group, sometimes your permissions are bigger than admin)
Session.rar has the password quotation value of the Win / NT2000 target host, you can directly send a column value to the host and log in to the host *
Klogger.exe a few KB key record tools, generate klogger.txt files in the current directory after running *
SMB2 Wall SMB Middleman Mitm Attack Tools, insert your own execution command in Session *
XPTSC.Rar WinXP remote terminal client (support WIN2000 / XP)
SQLHACK.ZIP is quite fast MSSQL password violent crafter
MSSQL quite fast MSSQL password violent crackler
NTCRACK.ZIP uses the acquired MD4 Passwd Hash crack account password
Sqlsniffer.rar MSSQL password flats
TelnetHack.rar is remotely opening the Telnet service of the Win2000 machine under the condition of administrator privileges.
RFPORTXP.EXE XP Underlined ports and processes
SqlTools.rar MSSQL Toolkit
ServiceApp.exe Remote Install / Delete Service
Hgod has an option for SYN / DRDOS / UDP / ICMP / IGMP Denial Service Test Function
HSCAN Small Integrated Scanner (supporting Cisco, MySQL, MSSQL, CGI, RPC, IPC (SID), FTP, SSH, SMTP, etc.
HDoor.rar ping back door (ICMP back door)
Siduserenum.exe uses SID to get a list of users (the SID of Xiao Yan sometimes not fully listed) *
RPC_LE.EXE uses RPC overflow to restart Win2k (valid for SP3 SP4HOTFIX) *
R3389.exe Query Terminal Server Changed Port (within 1 second) *
SMBSNIFFER.EXE Gets host hash values to access the local host web page (support intercept intranet host hash) *
NetENUM.EXE Gets a large number of information from the other party via the 3389 port air connection *
Aspcode.exe is the second edition of the most effective ASP overflow program (valid for SP2)
SSLProxy is for agents using the SSL encryption protocol (the scanner can scan the SSL host !!!!) *
LSA2 Gets the plain text password for Winnt / 2K in the LSA registry key, including SQLServer (it is useless) *
PSU.exe opens the specified program with the permissions of the specified process
LDAP.MSI LDAP Lightweight Directory Service Client, Get a large number of information such as account list via 389 ports *
ROOTKIT is perfectly hidden from the underlying underdess, the service, the registry key and the kernel-level Win2k back door bound to the port !!! *
Xscan has a powerful scanning software that compares to the flow of light use multithreading to securely vulnerability detection for the designated IP address segment (or single), support the plugin function, providing two operations of the graphical interface and command line, the scanning content includes : Remote operating system types and versions, standard port status and port Banner information, SNMP information, CGI vulnerability, IIS vulnerability, RPC vulnerability, SQL-Server, FTP-Server, SMTP-Server, POP3-Server, NT-Server Weak ports , NT server NetBIOS information, registry information, etc. The scan results are saved in the / log / directory, Index_ *. HTM is the scan results index file. Increase SSL plug-ins for detecting SSL vulnerabilities; upgrade Port, HTTP, IIS plugin ... (
X-WAY2.5 uses multi-threaded forms to vulnerability scan and security test tools, X-Way multiple versions are developed under Win2000. It is recommended that users are also in the Win2000 environment to play best results ... Chinese version) "Scanning tool, don't forget X-WAY2.5"
SSS Russia, the best scanning software, there is also an analysis, a vulnerability description, slow, it is the best scanning software I have seen!
Namp I have always used this command line scanning software, WIN, Linux version, fast, good, support TCP, UDP, ICMP, security scan will not leave a scan log!
Use Trojan Reconstruction Tools:
Aspack This is a tool that uses Trojans must use tools. It can compress Trojans and do not let anti-virus software to find out!
UPX Very good executable file compression software, supported formats include ATARI / TOS, DJGPP2 / COFF, DOS / COM, DOS / EXE, DOS / SYS, RTM32 / PE, TMT / ADAM, WATCOM / LE, WIN32 / PE, Linux / i386, etc., the compression ratio is also very high
Rookie grades Trojan:
Blackout
Recent ink
Magic control
Gray pigeon
The wind and snow domestic post-door snow, this version is based on some netizens, improves several features, one is to configure the function of automatically sharing the C disk, and the other is to contact the password to repay it to the menu. At the same time, the version of the URL is turned on when the version 1.3 version is turned on when opening the URL ...
The network hockey remote control software, the update is faster, can access the computer in the local area network, the connection is stable uploads the download speed, but will be seen as a Trojan virus chasing by many anti-virus manufacturers, requiring users to have their own FTP space .. . (Chinese Version
Ice 3
Guangxiang boys
Guangxiang girl PEEP
A remote monitoring software that uses anti-port technology, which can be used to achieve the function of the general remote control software, such as a computer that can be monitored to the area network and the firewall, and the controlled computer will have automatic return. The function of the connection, the communication port can be arbitrarily modified, and it has an independent connection, which means that anyone else cannot connect to the other people. Other features also have online notifications, connection rate adjustments, remote archives, distal desktop monitoring,
Remote process management, remote login editing, web pages, DDoS attack, and controlled end settings, resident selection, file bundle, and connection mode, etc. ... (Chinese version)
After the Wooden Cow hidden version, the server is hard disk C drive sharing (full control permissions) to open Admin $, IPC $ sharing, open the Telnet service, automatically create an administrator privilege account: IUSR_Computer password: IUSR_Computer ... This version is automatically Modify the registry, start running
IEEN is controlled by IE remotely. It can remotely control the IE action, you can directly intercept the data communication between IE and any servers, and your username, password and other confidential information you entered in IE, which can store or send this information in plain text, once Start this software, any input and outputs in the remotely monitored browser window are displayed in the local IEEN. Run IEEN_S.EXE (Note: Server) requires administrator privileges
Monitoring Monitoring is monitored (installed on this program) on QQ, Mailbox, etc., and sends it to your own mailbox.
