• Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Home
  • About Darknet
  • Hacking Tools
  • Popular Posts
  • Darknet Archives
  • Contact Darknet
    • Advertise
    • Submit a Tool
Darknet – Hacking Tools, Hacker News & Cyber Security

Darknet - Hacking Tools, Hacker News & Cyber Security

Darknet is your best source for the latest hacking tools, hacker news, cyber security best practices, ethical hacking & pen-testing.

Hackers Could Become The Hacked?

April 16, 2008

Views: 24,566

[ad]

It looks like someone is going after the bad guys in a new way, by hacking them back! It’s no news to us that many hacking tools and script kiddy trojan kits are badly programmed..a lot of them have back-doors and the client-side tools have easy exploits that enable you to take over the ‘hackers’ machine.

It’s certainly an interesting approach.

Eriksson, a researcher at the Swedish security firm Bitsec, uses reverse-engineering tools to find remotely exploitable security holes in hacking software. In particular, he targets the client-side applications intruders use to control Trojan horses from afar, finding vulnerabilities that would let him upload his own rogue software to intruders’ machines.

He demoed the technique publicly for the first time at the RSA conference Friday.

“Most malware authors are not the most careful programmers,” Eriksson said. “They may be good, but they are not the most careful about security.”

He’s turned his attention to quite a few of the more popular pieces of mass-distributed malware and found holes in all of them. Those labeled as Remote Administration Tools (RATs) were extremely popular back in the days when Back Orifice, Netbus and Deepthroat first hit the scene. They are still used nowadays but there are newer variants.

Eriksson first attempted the technique in 2006 with Bifrost 1.1, a piece of free hackware released publicly in 2005. Like many so-called remote administration tools, or RATs, the package includes a server component that turns a compromised machine into a marionette, and a convenient GUI client that the hacker runs on his own computer to pull the hacked PC’s strings.

Pcshare_2Using traditional software attack tools, Eriksson first figured out how to make the GUI software crash by sending it random commands, and then found a heap overflow bug that allowed him to install his own software on the hacker’s machine.

The Bifrost hack was particularly simple since the client software trusted that any communication to it from a host was a response to a request the client had made. When version 1.2 came out in 2007, the hole seemed to be patched, but Eriksson soon discovered it was just slightly hidden.

It’ll be interesting to see what else he comes up with and if he can break into any of the big botnets like Storm or Kraken using this method.

That would certainly herald some interesting news.

Source: Wired Blog and thanks to Pantagruel for the heads up.

Share
Tweet
Share
Buffer
WhatsApp
Email
0 Shares

Filed Under: Exploits/Vulnerabilities, Malware Tagged With: exploits, hackers, reverse-engineering, trojans, vulnerabilities



Reader Interactions

Comments

  1. zupakomputer says

    April 16, 2008 at 2:31 pm

    It hadn’t surprised me to see the amount of comments to some of the tools postings claiming they are viruses etc….

    same kind of idea as honeytraps really; at the end of the day right enough – if you’re using a machine to remote control another machine, then you’re also most likely using existing tools to mask your ID while you do that, and that means as long as the link is active it’s certainly probable.

    It’s trickier to resolve the originator if there’s no head node(s), and if they’ve written their own specialist hiding configs on a control node.

    Still though, when it comes to finding who’s behind a spam-ad blight….they could just check the addresses of where the products are mailed from, and how you go about ordering them in the first place. You won’t necessarily locate the computer people, but you’ll find someone that hired them.

    And if no to that last bit – well, can I get a safe place like that to order ganj from then? Well?

  2. fever says

    April 17, 2008 at 4:35 am

    agreed

    it could be too easy to backtrack a hacker out the hole he came in.
    imagine breaking into storm or kraken and using them against the builder of the botnet., or just that little script kiddie who keeps bothering you. the possibilities are almost endless.

  3. Yash Kadakia says

    April 20, 2008 at 9:01 pm

    I’m not surprised to see this happening, so many people use this tools with no understanding of them.

    A while back I did some research on the same; and I found tons of Keyloggers and Backdoor Softwares that had holes and backdoors in the client.

    I recently encountered a Remote Administration software, on reverse engineering we found that by sending the client a series of packets in a predefined order; it was possible to have the server run on that particular system.

    I personally use Sandboxie (http://www.sandboxie.com), to analyze any unknown or suspect worthy files.

Primary Sidebar

Search Darknet

  • Email
  • Facebook
  • LinkedIn
  • RSS
  • Twitter

Advertise on Darknet

Latest Posts

AI-Powered Malware - The Next Evolution in Cyber Threats

AI-Powered Malware – The Next Evolution in Cyber Threats

Views: 239

Introduction Artificial Intelligence (AI) is reshaping cybersecurity on both sides of the … ...More about AI-Powered Malware – The Next Evolution in Cyber Threats

Falco - Real-Time Threat Detection for Linux and Containers

Falco – Real-Time Threat Detection for Linux and Containers

Views: 369

Security visibility inside containers, Kubernetes, and cloud workloads remains among the hardest … ...More about Falco – Real-Time Threat Detection for Linux and Containers

Wazuh – Open Source Security Platform for Threat Detection, Visibility & Compliance

Wazuh – Open Source Security Platform for Threat Detection, Visibility & Compliance

Views: 676

As threat surfaces grow and attack sophistication increases, many security teams face the same … ...More about Wazuh – Open Source Security Platform for Threat Detection, Visibility & Compliance

Best Open Source HIDS Tools for Linux in 2025 (Compared & Ranked)

Views: 597

With more businesses running Linux in production—whether in bare metal, VMs, or containers—the need … ...More about Best Open Source HIDS Tools for Linux in 2025 (Compared & Ranked)

SUDO_KILLER - Auditing Sudo Configurations for Privilege Escalation Paths

SUDO_KILLER – Auditing Sudo Configurations for Privilege Escalation Paths

Views: 638

sudo is a powerful utility in Unix-like systems that allows permitted users to execute commands with … ...More about SUDO_KILLER – Auditing Sudo Configurations for Privilege Escalation Paths

Bantam - Advanced PHP Backdoor Management Tool For Post Exploitation

Bantam – Advanced PHP Backdoor Management Tool For Post Exploitation

Views: 482

Bantam is a lightweight post-exploitation utility written in C# that includes advanced payload … ...More about Bantam – Advanced PHP Backdoor Management Tool For Post Exploitation

Topics

  • Advertorial (28)
  • Apple (46)
  • Countermeasures (228)
  • Cryptography (82)
  • Database Hacking (89)
  • Events/Cons (7)
  • Exploits/Vulnerabilities (431)
  • Forensics (65)
  • GenAI (3)
  • Hacker Culture (8)
  • Hacking News (230)
  • Hacking Tools (684)
  • Hardware Hacking (82)
  • Legal Issues (179)
  • Linux Hacking (74)
  • Malware (238)
  • Networking Hacking Tools (352)
  • Password Cracking Tools (104)
  • Phishing (41)
  • Privacy (219)
  • Secure Coding (118)
  • Security Software (235)
  • Site News (51)
    • Authors (6)
  • Social Engineering (37)
  • Spammers & Scammers (76)
  • Stupid E-mails (6)
  • Telecomms Hacking (6)
  • UNIX Hacking (6)
  • Virology (6)
  • Web Hacking (384)
  • Windows Hacking (169)
  • Wireless Hacking (45)

Security Blogs

  • Dancho Danchev
  • F-Secure Weblog
  • Google Online Security
  • Graham Cluley
  • Internet Storm Center
  • Krebs on Security
  • Schneier on Security
  • TaoSecurity
  • Troy Hunt

Security Links

  • Exploits Database
  • Linux Security
  • Register – Security
  • SANS
  • Sec Lists
  • US CERT

Footer

Most Viewed Posts

  • Brutus Password Cracker – Download brutus-aet2.zip AET2 (2,299,276)
  • Darknet – Hacking Tools, Hacker News & Cyber Security (2,173,111)
  • Top 15 Security Utilities & Download Hacking Tools (2,096,648)
  • 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery) (1,199,694)
  • Password List Download Best Word List – Most Common Passwords (933,536)
  • wwwhack 1.9 – wwwhack19.zip Web Hacking Software Free Download (776,175)
  • Hack Tools/Exploits (673,304)
  • Wep0ff – Wireless WEP Key Cracker Tool (530,194)

Search

Recent Posts

  • AI-Powered Malware – The Next Evolution in Cyber Threats May 21, 2025
  • Falco – Real-Time Threat Detection for Linux and Containers May 19, 2025
  • Wazuh – Open Source Security Platform for Threat Detection, Visibility & Compliance May 16, 2025
  • Best Open Source HIDS Tools for Linux in 2025 (Compared & Ranked) May 14, 2025
  • SUDO_KILLER – Auditing Sudo Configurations for Privilege Escalation Paths May 12, 2025
  • Bantam – Advanced PHP Backdoor Management Tool For Post Exploitation May 9, 2025

Tags

apple botnets computer-security darknet Database Hacking ddos dos exploits fuzzing google hacking-networks hacking-websites hacking-windows hacking tool Information-Security information gathering Legal Issues malware microsoft network-security Network Hacking Password Cracking pen-testing penetration-testing Phishing Privacy Python scammers Security Security Software spam spammers sql-injection trojan trojans virus viruses vulnerabilities web-application-security web-security windows windows-security Windows Hacking worms XSS

Copyright © 1999–2025 Darknet All Rights Reserved · Privacy Policy