MySQL UDF Shells

Nostalgic feelings all over the place. Just found this baby :) Ugly code, but when I needed it, it sure did its job. I even seem to have implemented some kind of rudimentary “social engineering”. When the wrong password is supplied to the bind shell it will respond with “FTP ACCESS DENIED”. Intention was to have people think it was some kind of FTP daemon, so if they attempted a brute force it would be wrong from the beginning.

The command execution shell

http://pastebin.com/f22735864

The bind shell

http://pastebin.com/f611f0ba2

The reverse shell

http://pastebin.com/f5e167b65

Old Rootkit Detection

Well, in my quest to move my old kd-team.com tools and papers to my new blog, here is another one from the old website. Two ways to detect rootkits: one of them doesn’t work anymore (assuming all rootkits hook the function used back then); the other one I don’t know, I haven’t tested it lately. Here are the readmes and the source code.
