Here
you can download the public tools coded by s0ftpr0ject and the ones issued
with Butchered From Inside.
The tools were created in order to improve security and privacy, s0ftpr0ject dissociates itself from any illegal misuse of the material here displayed, and cannot be held responsible of it. For further informations about the tools, please contact the author directly. You can download these tools from our mirror located at packetstorm too. |
||
|
|
|
|
||
SniffJoke 0.3 |
vecna | SniffJoke implements a well known technology: sniffer/IDS elusion and evasion. SniffJoke runs on a network
connected box by selectively applying evasion techniques to sessions involving it. It can also run on a LAN
gateway to work over all sessions coming from LAN hosts. Evasion application is governed by user rules and
implemented with a netfilter/ulogd module. Read documentation here.
[Linux 2.6 - C++ source] |
stegoclick 0.1 |
vecna | Stegoclick project shows how to realize a sort of "steganography over click". Read documentation here.
[Linux - bash/C source] |
I Am 1.0.2.1 |
KJK::Hyperion | Sandboxing tool for Windows. Read documentation here.
[Windows2000/XP/2003 - C++ source/binary] |
apmislay | vecna | apmislay (avoid+privacy+mislay) is a library to make anonymous connections without performance loss. It implements a simple technique based on IP spoofing and suits well for file sharing systems or anonymous transfers of large amount of data. [Linux - C source] |
BigBoo | FuSyS | BigBoo is a YABASST, Yet Another Block And Superblock Subversion Tool. It swallows, encrypts and hides your files in a ext2/ext3 or swap partition. [Linux - C source] |
SABBIAex | vecna | SABBIA protocol anonymizes low latency connections by making a continuous and constant padding over the net. This is an example of implementation on a trusted core. [Linux - C source] |
innova 0.0.1
Project page here |
vecna | innova is a framework that permits to manipulate network sessions starting at layer 3 and being transparent to the application. It runs entirely in userspace on Linux and supports plugins. Check the project page here.
[Linux - C source] |
BlasterSteg | vecna | This code shows how to send hidden data steganographed into a simulation of common (worm) traffic. [Linux - C source] |
sud 1.3
Project page here |
mm_ | sud (superuser daemon) permits a user to switch to root privileges and to use a suid program in a nosuid environment. It is based on a client/server model and on the ability to pass file descriptors between processes. sud permits you to choose your authentication method, and your effective credentials will be checked by using a Unix domain socket. Check the project page here.
[Linux, FreeBSD, NetBSD, OpenBSD - C source] |
gtpa | vecna | generic time path analysis via ttysnoop-0.12c patching. [Linux - C source] |
KSTAT - Kernel Security Therapy Anti-Trolls (2.4.x version) v1.1-2 | FuSyS | This is a major update of kstat, since its release for the
2.2.x kernels. This runs on 2.4.x only, and can better assist
in finding and removing troyan LKMs. It sports network
socket dumps, sys_call fingerprinting, stealth modules
scanning and more. This is not a 'signature-tool'. This
requires a bit of expertise and knowledge of what is going
on. [Linux - C source] |
umpf | vecna | The requirements of this project were: 1) to create a system for managing encrypted files, without depending from hard disks or partitions or users, but from each singular file. 2) that would not require root login or presence to run (thus excluding kernel modules, patches, and new filesystems support). 3) being lightweight, transparent, counting at most 700 lines of code. The final result is 829 lines, divided into 5 files, and it does everything. [Linux - C source] |
HKS | vecna |
Hacking
kernel structures includes: |
TCP Congestion | vecna |
TCP congestion
and related includes: |
mozzarella | anonymous@s0ftpj | An
ftp server that works with Fastweb. [Linux - C source] |
OTU | vecna | Advanced man in the middle concept and code for linux. [Linux - C, perl source] |
Spapem | vecna | This code shows how to elude securelevel under *BSD systems. [FreeBSD - C source] |
KSEC - Kernel Security Checker | pIGpEN | Great tool useful to find an attacker in your system by a direct
analysis of the kernel throught /dev/kmem and bypassing the hiding techniques
of the intruder (kernel static recompilation/use of LKMs). KSec can find the modified syscalls from userspace, detect the promisc interfaces, find the modifications applied to a protocol and much more... [FreeBSD, OpenBSD - C source] |
KSTAT - Kernel Security Therapy Anti-Trolls (2.2.x version) | FuSyS | Great tool useful to find an attacker in your system by a direct
analysis of the kernel throught /dev/kmem and bypassing the hiding techniques
of the intruder (kernel static recompilation/use of LKMs). Kstat can find the syscalls wich were modified by a LKM, list the linked LKMs, query one or all the network interfaces of the system, list all the processes and much more... [Linux - C source] |
Anti Anti Sniffer Patch | vecna | Kernel patches to hide a sniffer from the most known anti-sniffers. [Linux - C source] |
Fingerprint Fucker | FuSyS & |CyRaX| | This LKM changes the linux stack to emulate other operative systems
against nmap fingerprints (maybe others). [Linux - LKM C source] |
Securelevel Bypass | pIGpEN | This kld gives you permission to load/unload a kld and modify a sysctl
value even if you aren't root and securelevel is higher than 0. [FreeBSD - KLD C source] |
SMonitor | pIGpEN | Using this tool you are allowed to monitor the use of the syscalls
on your system and to prevent their execution for the specified users/groups. [FreeBSD - C source] |
LIBVSK 1.0 | vecna | Libvsk is a set of libraries for network traffic manipulation from
userlevel, whith some functions of filtrering/sniffing. [Linux - C source] |
Simple Packet Forwarder | vecna | Simple packet forwarder from datalink level (needs libvsk). [Linux - C source] |
Sinto | vecna | This tool lets you send and execute commands on a hijacked tty. [Linux - C source] |
Piove | vecna | This module shows how to intercept getpass(3) function and print
anything that is typed without terminal echo. [FreeBSD - KLD C source] |
SRaw (FreeBSD 4) | pIGpEN | All users are allowed to open raw sockets: this kld disables EPERM
in socket() and permits to allocate inpcb even if the socket is raw and
users haven't root permissions bypassing suser() in pru_attach() functions. [FreeBSD - KLD C source] |
SRaw (OpenBSD) | pIGpEN | This code makes all users able to open raw sockets. Supported protocols
are IPPROTO_RAW, IPPROTO_ICMP, IPPROTO_IPIP, IPPROTO_IPV4, IPPROTO_IGMP. [OpenBSD - C source] |
THC Backdoor (OpenBSD) | pIGpEN | This is a simple but useful backdoor for OpenBSD based on a FreeBSD
lkm by pragmatic/THC [OpenBSD - C source] |
THC Backdoor (Linux) | bELFaghor | This is a simple but useful backdoor for Linux based on a FreeBSD
lkm by pragmatic/THC [Linux - C source] |
L.L.H.M. - Low Level Header Manipulation | valv0 | This tool hides pieces of information in your files. [Win32 - C source] |
SMS Spoofing | Jack McKraK | Spoof your SMS by using this code with smsclient. [Linux - C source] |
LKM Detector | pIGpEN | Module
that finds LKM that modify the system. It acts comparing the original address
fo a kernel routine and the effective address where the internal pointer
to that structure refers. Documentation: 'LKM: TR0VARLi' , BFi8 File 23 (Aprile 2k) [FreeBSD - KLD C source] |
SRaw for FreeBSD | pIGpEN | All users are allowed to open raw sockets... This kld disables EPERM in socket() and permits to allocate inpcb even if the socket is raw and users haven't root permissions... bypassing suser() in pru_attach() functions... [FreeBSD - KLD C source] |
Network kernel hackin' on a FreeBSD box | pIGpEN | We
can change functions of a struct of inetsw[], we can change mbuf structures...
we can access inpcb,inpcbinfo structures... we can change options of every
layer in a connection... [FreeBSD - C source] |
Crypto Library v0.1b | valv{0} & vecna | Implementation
of RSA cryptographic system. Documentation: 'RSA E CRiTT0GRAFiA SiMMETRiCA FTM' , BFi8 File 18 (Aprile 2k) [Win32 - C++ sources] |
SCNS | del0rean | Simple
Community Name sniffer. Documentation: 'SNMP C0MMUNiTY NAME SNiFFER' , BFi8 File 16 (Aprile 2k) [Linux - C source] |
oMBRa | FuSyS | Loadable
Kernel Module for hiding in the system. Implementation of CaRoGNa module,
for Linux 2.2.x kernel Documentation: '0MBRE E LUCi DEL KERNEL LiNUX 2.2.X: oMBRa LKM' , BFi8 File 14 (Aprile 2k) [Linux - LKM C source] |
LuCe | FuSyS | Kernel
module for Linux that watches the system, and add the ability to add on
the fly increased security to an existing configuration. It contains a simple
implementation of BSD securelevel, waiting for official implementation with
Linux Capabilities [POSIX 1.e] in the 2.4.x kernel of solid ACL. Documentation: '0MBRE E LUCi DEL KERNEL LiNUX 2.2.X: LuCe LKM' , BFi8 File 15 (Aprile 2k) [Linux - LKM C source] |
N0Sp00f (Linux) | FuSyS |
Simple module
that avoids that our system will be used as hop start for spoofed attacks.
Implementation for Linux 2.2.x - Datalink Bypassable and Network Layer
Protection |
N0Sp00f (FreeBSD) | pIGpEN | This
KLD finds ip spoofing attempts, if based on setsockopt() system call, via
IP_HDRINCL.- Datalink Bypassable and Network Layer Protection Documentation: 'DDoS PET-NEMESiS: SP00FiNG DETECTi0N' , BFi8 File 13 (Aprile 2k) [FreeBSD - KLD C source] |
N0Sp00f (OpenBSD) | pIGpEN | Protection
for IP_HDRINCL; diff file for /sys/netinet/raw_ip.c of OpenBSD 2.6 - Datalink
Bypassable and Network Layer protection Documentation: 'DDoS PET-NEMESiS: SP00FiNG DETECTi0N' , BFi8 File 13 (Aprile 2k) [OpenBSD - C source + diff] |
Obscura (FreeBSD) | pIGpEN | Total
obscurity of PROMISC mode. DDocumentation: 'FADE TO BLACK DEL PROMISC MODE... MA...' , BFi8 File 12 (Aprile 2k) [FreeBSD - C source] |
Obscura(OpenBSD) | pIGpEN | Total
obscurity of PROMISC mode. DDocumentation: 'FADE TO BLACK DEL PROMISC MODE... MA...' , BFi8 File 12 (Aprile 2k) [OpenBSD - C source] |
Bad Packets Logger | pIGpEN | Module
that uses the stat UDP structures and shows via syslog the source of suspect
packets. Documentation: 'UTiLiZZARE LE STRUTTURE Di STATiSTiCA DEL KERNEL' , BFi8 File 11 (Aprile 2k) [FreeBSD - KLD C source] |
Kerninetstat (FreeBSD) | pIGpEN | This
simple source uses sysctlbyname() in order to get statistics of a protocolo,
useful for analyzing them for security reasons or for testing the kernel. Documentation: 'UTiLiZZARE LE STRUTTURE Di STATiSTiCA DEL KERNEL' , BFi8 File 11 (Aprile 2k) [FreeBSD - KLD C source] |
Kerninetstat (OpenBSD) | pIGpEN | Kerninetstat
porting (FreeBSD) for OpenBSD. Documentation: 'UTiLiZZARE LE STRUTTURE Di STATiSTiCA DEL KERNEL' , BFi8 File 11 (Aprile 2k) [OpenBSD - lkm C source] |
Hacking IP FILTER (FreeBSD) | pIGpEN | Kernel
module that bypass ipfilter rules. Documentation: 'HACKiNG iPFiLTER ViA LKM' , BFi8 File 10 (Aprile 2k) [FreeBSD - KLD C source] |
Hacking IP FILTER (OpenBSD) | pIGpEN | Kernel
module that bypass ipfilter rules. Documentation: 'HACKiNG iPFiLTER ViA LKM',BFi8 File 10 (Aprile 2k) [OpenBSD - lkm C source] |
Eth.Out. Example | pIGpEN | Example
of modified output function for an ethernet interface. Documentation: 'BSD KERNEL: AGiRE SULLE iNTERFACCE Di RETE' , BFi8 File 9 (Aprile 2k) [FreeBSD - KLD C source] |
KCheck | pIGpEN | IGMP/ICMP/IPIP/IDP/RSVP/IPIP/IPPROTO_RAW
Kernel checker. Documentation: 'BSD KERNEL: AGiRE SULLE R0UTiNE Di iNTERFACCiAMENT0 TRA PR0T0C0LL0 E S0CKET' , BFi8 File 8 (Aprile 2k) [FreeBSD - KLD C source] |
UDP Spoof Detect | pIGpEN | KLD
that detects UDP spoofing tries. Documentation: 'BSD KERNEL: AGiRE SULLE R0UTiNE Di iNTERFACCiAMENT0 TRA PR0T0C0LL0 E S0CKET' , BFi8 File 8 (Aprile 2k) [FreeBSD - KLD C source] |
NetRaider | \sPIRIT\ | Remote
administration tool [win32 - asm source] |
sWEETM+NT | \sPIRIT\ | Network
scanning tool (outdated) [linux - bash script] |
FwBypass | pIGpEN | Kernel
Module that permits to bypass the firewall when the request comes from a
specified ip address. [FreeBSD - C source] |
NetHack | pIGpEN | Network
kernel hacking on a FreeBSD box. [FreeBSD - C source] |
PrintSux | pIGpEN | This
src grabs documents printed on a network printer installed with lpd. It works only with normal hubs and without security layers. [Linux - C source] |
GORK v2.0b | pIGpEN | tcp/udp/icmp/ip
dumper which also permits to log only packets with the specified source/destination
host and port; it supports the pcap library. version 2.0b - bugs fixed [Linux/*BSD - C source] |
SPJY2Ksniff
(newbie version) |
FuSyS |
Network sniffer to operate passive attacks and find weaknesses in the protection
of the traffic on your LAN. It uses the pcap(3) library to access to datalink
level. Newbie (limited) version. [Linux - C source] |
cdda2cdr exploit | FuSyS |
/usr/bin/cdda2cdr exploit on SuSE 6.2 Documentation: 'HACKiNG SPiCCi0L0' , BFi 7 File 11 (Dicembre 99) [Linux SuSE 6.2 - bash script] |
SpoofLKM | pIGpEN |
LKMs to forge and detect spoofed packets on your host. Documentation: 'SP00FiNG & SP00FiNG DETECTi0N ViA LKM FR0M A LiNUX B0X' BFi 7 , File 8 (Dicembre 99) ; 'Building Into The Linux Network Layer' (Phrack vol.9, issue 55, file 12 of 19) [Linux/*BSD - C source] |
G0RK | pIGpEN |
tcp/udp/icmp/ip dumper which also permits to log only packets with the specified
source/destination host and port; it supports the pcap library. Documentation: 'G0RK: A SiMPLE & P0WERFUL PACKET L0GGER' , BFi7 File 09 (Dicembre 99) [Linux/*BSD - C source] |
ICMP
Tunneling Library (win32 version) |
Dark Schneider |
ICMP Tunneling Library v1 by FuSyS ported
on Win32. Documentation: 'UNDERC0VER W0RK' , BFi 7 File 13 (Dicembre 99); 'PR0GETT0 NiNJA' , BFi4 (Dicembre 98) [Win32 - C source] |
VLV-CRYPT
v1.0b (win32 version) |
\\alv^iCf |
VlV-Crypt v1.0b - 32Bit SingleKey Engine Edition: cryptographic utility
using private key. Documentation: 'VLV-CRYPT v1.0b 32BiT SiNGLEKEY ENGiNE EDiTi0N' , BFi 7 File 14 (Dicembre 99) ; readme [Win32 - ASM source/binary] |
SYSL0GD trojan | bELFaghor |
These patches applied to syslogd 1.3-31 sources add a new priority, and
using it it's possible to execute locally new commands without be logged. Documentation: 'SYSLOGD TROJAN' , BFi6 (Giugno 99) [Linux - patch] |
xACES | pIGpEN | TCP/UDP/RPC/finger/NFS/samba/web/phone
scanner with string comparing option. XWindows version. Documentation: 'ACES HiGH 2.7' , BFi5 (Marzo 99) [Linux/GTK] |
xTH0T v1.0 | FuSyS | Tcp/ip
Hacking Ominous Tool. Documentation: 'XTH0T v.1.0', BFi6 (Giugno 99) [Linux/GTK - C source] |
0N0S3NDAi
(blind ip spoofing) |
FuSyS
|
Support
tools for 0N0S3NDAi project. Includes: - SEQprobe (displays remote host's ISN generation) - SMail v2 (the DEFINITIVE fake mail) Documentation: 'PR0GETT0 0N0S3NDAi - PARTE II' , BFi6 (Giugno 99) [Linux - C source] |
RPC Backdoor | pIGpEN | A
Backdoor that uses an rpc program to introduce in the host a remote access
facility. Documentation: 'COME MASTURBARE LE RPC E OTTENERE UNA BACKDOOR', BFi6 (Giugno 99) [Linux - C source] |
NetBIOS scan v1.0 | DoLD & Klistron | Shared
resource scanner. [Win9x - C source] |
RPC program scan | pIGpEN | Finds
an rpc program by its number scanning a range of ip's. Documentation: 'VULNERABiLiTA' di RPCBiND', BFi6 (Giugno 99) [Linux - C source] |
DeadScan v1.0 | pIGpEN | Simple
war dialer. Documentation: 'WAR DIALER X LINUX', BFi6 (Giugno 99) [Linux - C source] |
Wu-Thang | del0rean | Vulnerable
Wu-FTPD versions scanner (adapted from statd scanner by BiT). [Linux - C source] |
bELFaghor
|
Kit including various tools to hide from logs generated by ACCT. Includes: - ACCT Knocker - hydra v0.1 - Leipzig v0.1 - LocalFuck v0.1 - Obscura Mens v0.1 - Xytaxehedron v0.1 - Xytaxehedron v0.1i Documentation: 'ACCT' , BFi5 (Marzo 99) [Linux/*BSD - C sources] |
|
bELFaghor
|
Kit
including various tools for generating fake logs and read/redirect logs
generated by SYSKLOGD. Includes: - Shub-Niggurath - vru vru vruk - WALLA WALLA v0.1 - WALLA WALLA v0.2 Documentation: 'SYSLOGD' , BFi5 (Marzo 99) [Linux - C sources] |
|
FuSyS
|
Tool
to scan a LAN in order to find interfaces in PROMISC mode. It's accomplished
by using non-standard queries. Documentation: 'TCP/iP HACKS F0R PHUN AND PR0FiT', BFi5 (Marzo 99) [Linux - C source] |
|
FuSyS
|
TCP
forger. Documentation: 'TCP/iP HACKS F0R PHUN AND PR0FiT' , BFi5 (Marzo 99) [Linux - C source] |
|
FuSyS
|
RST
Storm: destroys TCP links. Documentation: 'TCP/iP HACKS F0R PHUN AND PR0FiT' , BFi5 (Marzo 99) [Linux - C source] |
|
pIGpEN
& bELFaghor
|
TCP/UDP/RPC/finger/NFS/samba/web/phone
scanner with string comparing option.con funzione di comparazione di stringa. Documentation: 'ACES HiGH 2.7' , BFi5 (Marzo 99); aces.doc [Linux - C source] |
|
ValV-N.e.T.
v2.0b2
(Not Earthy Trojan) |
\\alv^iCf
|
Remake
of NETbus 1.7, with some more options, and a polymorphic engine to make
the patch invisible to any antivirus. Documentation: manual.txt [Win9x/NT - binary] |
\\alv^iCf
|
Highly
customizable patcher. Documentation: readme.txt [DOS - binary] |
|
Technolord
|
Patcher
with integrated VM and GUI and with plugins support. Documentation: 'PATCHER PR0 v0.3 t(est) e(valuation)', BFi4 (Dicembre 98); manual.txt [DOS - binary] |
|
pIGpEN
|
rpc.ttdbserver
scanner (adapted from statd scanner by BiT), it uses a file containing the
list of ip's to scan. Documentation: 'RPC.TTDBSERVER SCANNER' , BFiSN98 (Dicembre 98) [Linux - C source] |
|
pIGpEN
& \sPIRIT\
|
Kit
including two tools that scan for exploitable versions of IMAP4; the scan
can be accomplished by specifying a single host or using a file containing
all the ip's.. Includes: - Imap4 scanner - Imap4 checker Documentation: 'iMAP4 SCANNER' , BFiSN98 (Dicembre 98) [Linux - C source] |
|
pIGpEN
|
C
version of gcc 2.7.2.x exploit by Michal Zalewsky. Documentation: 'GCC 2.7.2.x EXPL0iT: C VERSi0N' , BFiSN98 (Dicembre 98) [Linux - C source] |
|
Cavallo
|
Trojan
that enables file and printer sharing, and then enables sharing on all drives
with full access. Documentation: 'WiND0WS E PASSW0RD' , BFi4 (Dicembre 98); file_id.diz [Win9x - binary] |
|
0N0S3NDAi
(non blind ip spoofing) |
FuSyS
|
Support
tools for 0N0S3NDAi project. Includes: - MyWay (simple telnet session hijacker) - Simple Linux Sniffer v0.3 Documentation: 'PR0GETT0 0N0S3NDAi - PARTE I' , BFi4 (Dicembre 98) [Linux - C source] |
FuSyS
|
Shell
hidden into ICMP tunneling that uses 0x00 ECHO REPLY messages to carry data. Includes: - 007Shell - ICMP Tunneling Library v1 Documentation: 'PR0GETT0 NiNJA' , BFi4 (Dicembre 98) [Linux - C source] |
|
FuSyS
|
Loadable
Kernel Module to hide in a system. It substitutes in 4kbytes a full rootkit.
Only for 2.0.x kernels. Documentation: 'PR0GETT0 CAR0NTE - PARTE I' , BFi3 (Luglio 98); 'PR0GETT0 CAR0NTE - PARTE II' , BFi4 (Dicembre 98) [Linux - LKM C source ] |
|
b0z0
|
Network
datapipe with interactive mode, support for proxy server socks (v4 e v5),
logging facility and option to concatenate more pipes. Documentation: 'PiPPA v2', BFi4 (Dicembre 98) [Linux/WinNT - perl source] |
|
FuSyS
|
Utmp
editor that permits to change id, tty and host of a user logged in the system. Documentation: 'T00LS PER RiMANERE iN 0MBRA S0TT0 UNiX', BFi3 (Luglio 98) [Linux - C source] |
|
FuSyS
|
Log
editor that cleans Utmp, Wtmp, LastLog, Messages, XferLog, Secure and MailLog. Documentation: 'T00LS PER RiMANERE iN 0MBRA S0TT0 UNiX', BFi3 (Luglio 98) [Linux - C source] |
|
FuSyS
|
Simple
socket shell. Documentation: 'BACKD00R: iDEE ED iMPLEMENTAZi0Ni', BFi3 (Luglio 98) [Linux - C source] |
|
\\alv^iCf
|
Cryptographic
utility using private key (4096 bytes), random salting. Documentation: 'CRYPT V.6.0.0', BFi3 (Luglio 98); readme.txt [DOS - binary] |
|
b0z0
|
Network
datapipe. Documentation: 'PIPPA, A NETWORK DATAPIPE IN PERL', Xine #3 (Maggio 98) [Linux - perl source] |
|
|scacco|
& Dark Schneider
|
Phf
- test-cgi - htmlscript - view-source - wrap - campas - pfdisplay - webdist
- aglimpse - php - nph-test-cgi scanner. Documentation: 'C0DEZ', BFi2 (Maggio 98); 'N0NS0L0PHF', BFi3 (Luglio 98) [Linux - C source] |
|
FuSyS
|
Modified
version of Todd Vierling's datapipe, where you can specify a name that will
be displayed instead of the process' name. Documentation: 'C0ME 0CCULTARSi iN UN SiSTEMA UNiX', BFi2 (Maggio 98) [Linux - C source] |
s0ftpr0ject
digital security for y2k
is no (c)opyright 1997-2007 of s0ftpr0ject team
Webmaster is smaster (PGP Key) - Contact us at staff@s0ftpj.org (public PGP Key) |