Stealth Linux code that can run on a machine and open a port invisibly.

This code that I found: http://paste.scratchbook.ch/view/6f74b58f can run on a Linux machine and open a port invisibly. This allows access to a Linux server without the process showing in process manager and on a port scan of the machine. This might be controversial thing to post on a Linux focused website, but this might be interesting to someone that is in to network security and penetration testing of a Linux server. This would be an interesting challenge. Defeating this code would be a good way to secure a Linux server. I am not sure if NSA Selinux can guard against this code but this is a good example of stealth code. There will be no open port shown in a scan as there is no service listening. But the system will respond to certain SYN packets transmitted to the target system and then the port(s) will be open as required. This code could be detected on a machine, but naming the binary to something innocuous like ‘top’ would make it pass a casual inspection. This is used on Windows to run malicious code without the user seeing it as something unwanted running as a process.

So, check this code out and see how you get on testing this program.

No comments have been made. Use this form to start the conversation :)

Leave a Reply