Welcome to the Back Orifice Section.

File Name Downloads File Size Last Modified
antigen10.zip2173194283Aug 16 17:14:37 1999
AntiGen 1.0 - Detects, cleans, and destroys the Back Orifice trojan, automatically; checks the severity of the BOserve infection and cleans each of them - automatically, in a wizard interface. By Fresh Software.
antigen102.zip2754195502Aug 16 17:14:38 1999
AntiGen will detect, clean, and destroy the Back Orifice trojan horse from your computer, automatically. It uses a wizard interface and does the work for you. By Fresh Software.
B1bogui.zip253721332Aug 16 17:14:41 1999
English Help File for BoClient. By BeeOne.
backwork.zip2080168896Aug 16 17:14:38 1999
Backwork looks for Back Orifice server, because it stays resident it detects the server as soon as the server gets installed. If it detects the server it will notify the user and ask for permission to remove the server, after that it will reboot the computer and remove the server files from your hard drive.
back_orifice.txt30395532Aug 16 17:14:37 1999
The CULT OF THE DEAD COW (cDc) SECURITY ALERT. cDc will release Back Orifice, a remote MS Windows Administration tool, on 8/1/98. There goes what was left of Windows security...
bo-faq.html13339396Aug 16 17:14:37 1999
Back Orifice Buttplugs and Goodies FAQ (Frequently Asked Questions), By Enigma.
bo.zip4210284421Aug 16 17:14:37 1999
Back Orifice - Windows Remote Administration Tool, by the cDc. Read the details. Windows version.
bo120.zip5604284421Aug 16 17:14:37 1999
BO v1.2.0 - Latest version of Back Orifice for Windows95/98.
bo121unix.tar.gz181527642Aug 16 17:14:37 1999
UNIX version of cDc's Back Orifice, WITH source code. The controversial Windows Remote Administration/Hacking Tool/Trojan has been ported and the source code released.
boclient-1.3.0-pre-1..>191650062Aug 16 17:14:36 1999
boclient 1.3.0-pre - boclient is a remote windows administation tool which uses BackOrifice or NetBus servers on Windows. It is an improvement of version 1.21. Most recent versions have GNU readline support, NetBus commands, portability to other platforms (BeOS, QNX and 64bit architectures like Alpha) and async network I/O. Changes: This is the initial developers release. Although it is usable, there are still some known bugs (see the TODO file in the distribution). By Dobrica Pavlinusic.
BoClient1.3b.zip2152329730Aug 16 17:14:39 1999
BoClient 1.3b2 - BeeOne's version of BoGUI. By BeeOne.
BoClient1.4.exe2291375990Aug 16 17:14:40 1999
BoClient 1.4 - BeeOne's version of Back Orifice GUI. New Features: multiple IP for the script, little BO attack sniffer, script can run at startup, built-in TCP send/receive. By BeeOne.
BoClient1.41.exe4278381291Aug 16 17:14:40 1999
BoClient 1.4.1 - BeeOne's version of Back Orifice GUI. New Features in this release: builtin TCP send/receive, remembers most parameters. By BeeOne.
BoDetect_StandAlone...>3644214012Aug 16 17:14:37 1999
A Back Orifice Detector/Remover Program THAT WORKS. By Chris Benson.
BoDetect_v25Beta.zip2982687247Aug 16 17:14:38 1999
BoDetect v2.5 Beta - Detects, removes, kills, monitors for Back Orifice and NetBus trojans. By CBSoftSolutions.
boe.exe2343164625Aug 16 17:14:38 1999
Back Orifice Eliminator - Another excellent Back Orifice detector and remover that works. By Bardon Data Systems.
bof.exe187974240Aug 16 17:14:39 1999
!BO!FREEZE! v1.20.0200 - BO FREEZE detects subnet scans by remote hosts looking for Bo Servers, logs the scans, and then sends malformed packets to the remote host running the BO GUI causing the remote BO GUI to "freeze" or lock up. By Wacky Zany Crazy Productions.
bofix_11.zip22291535947Aug 16 17:14:42 1999
Back OrifiX locates and destroys the Back Orifice trojan. By GroupaXion.
bogtk-1.0.1.tar.gz151230163Aug 16 17:14:40 1999
bogtk v1.0.1 is the latest version of a Back Orifice client with a graphical user interface for Linux/UNIX. It uses the gtk toolkit. By kossico.
bogtk.tar.gz133530076Aug 16 17:14:40 1999
bogtk 1.0 is the first version of a Back Orifice client with a graphical user interface for Linux/UNIX. It uses the gtk toolkit. By kossico.
boinfo.txt20336031Aug 16 17:14:37 1999
Information about the cDc BackOrifice including how to detect if it is installed, how to remove it, and how to break the weak encryption that it uses. From ISS X-Force.
boping.zip05682Dec 12 22:26:12 2000
BOPing is a network scanner for the infamous Back Orifice trojan. It is many times faster than the ping sweeper built in to the original client program. This is intended as a vigilante tool to notify victims who unknowingly have the trojan on their system. It includes the ability to notify detected victims by sending them a BO message box message directly from within the program.  Homepage: http://www.foundstone.com. By Robin Keir
bored.zip143811785Aug 16 17:14:36 1999
BORED executable only. By MadBadger Software.
bored_rt.zip19551122942Aug 16 17:14:37 1999
B.O.R.E.D. v0.2 - Back Orifice Recognition, Extraction and Deletion software. Contains the executable, the readme and the runtime libraries used by the program. By MadBadger Software.
boscan.zip1945131999Aug 16 17:14:38 1999
Another program designed to scan for and remove Back Orifice servers.
boscript-0.1.tar.gz135473322Aug 16 17:14:37 1999
Perl module and loadable library for Back Orifice. Alot of extra functionality with this script added.
boscript-0.2.tar.gz136679445Aug 16 17:14:38 1999
boscript is a Perl interface to the cDc's Back Orifice Remote Administration Server. function reference. By Mitch Blevins.
bospy.zip209985760Aug 16 17:14:39 1999
Back Orifice Spy is similiar to NetBuster. It monitors all connections to tcp port 31337 and logs. If someone pings you, Spy will send pong. You can make your own fake passowrds, so when "BO hacker", demands them (system passwords), he will get the fake ones. Additionally, you can send message box text to the attacker. By Chaplin Inc.
bospy161.zip1913174305Aug 16 17:14:40 1999
Back Orifice Spy v 1.61 - Program fakes installed BO server, listens on user defined ports for attempted connections from remote "BO hackers", logs remote IPs and all commands "BO hacker" attempts to execute, and offers user the option of sending fake replies back to "BO hacker". By Chaplin.
bospy185.zip2570179232Aug 16 17:14:41 1999
Back Orifice SPY v1.85 - Latest release of "anti-Back Orifice" program that logs, protects against, and attacks remote Back Orifice users. By Chaplin Corp..
bowhack.zip2100129797Aug 16 17:14:40 1999
bowhack is similar to whackjob, except it is designed for use with Back Orifice servers. As with whackjob, this program is used to bind a BO server to a game, called "Whack-A-Mole", and it also uses customized ports, renames the BO server to c:\windows\system\sys.exe, and uses modified code to avoid detection from anti-virus software, such as Mcaffe AntiVirus. By Ecoli.
BUTTSniff-0.9.2.zip2448164231Aug 16 17:14:38 1999
BUTTSniff v0.9.2: Upgraded to work with Windows NT! Also added IP and port filtering for direct disk dump. By dildog.
ButtTrumpet.zip198640277Aug 16 17:14:37 1999
ButtTrumpet v1.1 - BUTTplug plugin for Back Orifice. Butt Trumpet 1.1 will attempt to e-mail the IP of the BO Server machine to a user specified e-mail address.
fakeb016.tgz12227724Aug 16 17:14:40 1999
fakebo v0.1.6 - This program fakes BO server and logs every attempt from BO client. It is possible to log attempts to /var/log/fakebo.log or stdout. It can send fake pings and replies back to BO client. Very useful for educational purposes to say something like "hey man, didn't you know that linux cannot be (kvazi)hacked with BO?". This version adds better parsing of config file, date and time logging, option for buffered logging, option for silent mode. For Linux. By Vlatko Kosturjak.
fakebo-0.4.0.tar.gz142574966Aug 16 17:14:41 1999
FakeBO 0.4.0 - FakeBO fakes trojan server responses (Back Orifice, NetBus, etc.) and logs every attempt to a logfile, stdout/stderr or syslog. It is able to send fake pings and replies back to the client which is trying to access your system. Changes: We have switched to CVS for development, added ignorehost option, added RealBO(tm) fake server (responses like Windows BO server), ported to BeOS, QNX and more UNIX flavours (using more native compilers), very optimized cracking routine, very resistable to various DoS attacks (security update), and it runs more secure, i.e. drops privileges if run as root, fixed fork bug and more. By Vlatko Kosturjak & Robert Avilov.
fakebo-0.4.1-win32.e..>1586275456Aug 16 17:14:41 1999
See description below. Windows32 binaries (exe).
fakebo-0.4.1-win32.z..>1639249528Aug 16 17:14:41 1999
See description below. Windows32 binaries (zipped).
fakebo-0.4.1.tar.gz1559108490Aug 16 17:14:41 1999
FakeBO 0.4.1 - FakeBO fakes trojan server responses (Back Orifice, NetBus, etc.) and logs every attempt to a logfile, stdout/stderr or syslog. It is able to send fake pings and replies back to the client that is trying to access your system.Changes: Fixed potential buffer overflow, build on libc5, RealBO improvement, more verbose logging, out-of-the-tar support for rpm, added hex dump of packets and now compiles on Cygwin. Source code. By Vlatko Kosturjak & Robert Avilov.
fakebo-019.tgz118917396Aug 16 17:14:40 1999
FakeBO fakes Back Orifice server responses and logs every attempt to a logfile or stdout. It is able to send fake pings and replies back to the client trying to access your system. This release has minor bug fixes, better support for logging via syslog, support for custom messages for every BO command, support for plug-ins (very beta, use with care), option for version of BO server. For *nix systems. By Vlatko Kosturjak.
fakebo-030.tgz124123348Aug 16 17:14:41 1999
FakeBO 0.3.0 - FakeBO fakes Back Orifice server responses and logs every attempt to a logfile or stdout. It is able to send fake pings and replies back to the client trying to access your system. New with this release: added NetBus support, better custom script handling, better logging to log file, more configuration and commandline options, better configuration handling, server daemon support, bugfixes, makefile improved, cosmetic upgrades. For *nix systems. By Vlatko Kosturjak.
fakebo-031.tgz120327441Aug 16 17:14:41 1999
FakeBO fakes Back Orifice server responses and logs every attempt to a logfile or stdout. It is able to send fake pings and replies back to the client trying to access your system. New with this release: added NetBus support, better custom script handling, better logging to log file, more configuration and commandline options, better configuration handling, server daemon support, bugfixes, makefile improved, cosmetic upgrades, man page. For *nix systems. By Vlatko Kosturjak.
fakebo-032.tgz124227731Aug 16 17:14:41 1999
FakeBO v0.32 fakes Back Orifice server responses and logs every attempt to a logfile or stdout. It is able to send fake pings and replies back to the client trying to access your system. New with this release: fixed buffer overflow bug, added support for flood detecting, fixed bug with port scanners that do tcp SYN stealth port scan, detects tcp SYN stealth port scanning, fixed bug on NetBus support, many additional bugfixes. For *nix systems. By Vlatko Kosturjak.
fakebo-033.tgz133028065Aug 16 17:14:41 1999
FakeBO v0.33 fakes Back Orifice server responses and logs every attempt to a logfile or stdout. It is able to send fake pings and replies back to the client trying to access your system. New with this release: fixed buffer overflow bug, added support for flood detecting, fixed bug with port scanners that do tcp SYN stealth port scan, detects tcp SYN stealth port scanning, added option to crack encrypted BO packets. For *nix systems. By Vlatko Kosturjak.
fakebo.tgz1266100819Aug 16 17:14:40 1999
fakebo v0.1.5 - This program fakes BO server and logs every attempt from BO client. It is possible to log attempts to /var/log/fakebo.log or stdout. It can send fake pings and replies back to BO client. Very useful for educational purposes to say something like "hey man, didn't you know that linux cannot be (kvazi)hacked with BO?". For Linux. By Vlatko Kosturjak.
fakebo017.tgz11958346Aug 16 17:14:40 1999
FakeBO 0.1.7 - FakeBO fakes Back Orifice server responses and logs every attempt to a logfile or stdout. It is able to send fake pings and replies back to the client trying to access your system. This release adds support to log via syslog, better handling of non-bo packets and minor bug fixes. This is probably the last release before adding NetBus support. By Vlatko Kosturjak.
fakeboreport.pl1623689Aug 16 17:14:41 1999
fakeboreport.pl is a perl script, complimenting FakeBO v0.4.0, that will notify sysadmin of BO attempts. By Robert Szarka.
function.txt06664Aug 16 17:14:38 1999
Sorry, a description is unavailable.
gspot.2.0.patch179953524Aug 16 17:14:41 1999
GSpot 2.0 - Gspot is a control panel for cDc's Back Orifice. As of 2.0, Gspot requires GTK+ 1.2. Gspot was written using cDc's original Unix client sources, only the front end has really changed. Right now Gspot has all of the capabilities of cDc's client for MS Windows, but also allows cut-and-paste, better layout, session saving and command scripting. Changes: Added options to save the information returned by Gspot to a file, and to record and play back a sequence of commands (scripting). By Gordon Messmer.
gspot.patch185737936Aug 16 17:14:41 1999
GSpot 1.21 - Gspot is a control panel for cDc's Back Orifice. It uses the GTK+ widget set, and should compile with either GTK+ 1.0 or 1.2 series. Gspot was written using cDc's original Unix client sources, only the front end has really changed. Right now Gspot has all of the capabilities of cDc's client for MS Windows, but also allows cut-and-paste, and a larger, more descriptive list for the commands. This is the first release of gspot. By Gordon Messmer.
gspot121.tar.gz1439150019Aug 16 17:14:41 1999
GUI Back Orifice client for *NIX - GSpot 1.21 - Gspot is a control panel for cDc's Back Orifice. It uses the GTK+ widget set, and should compile with either GTK+ 1.0 or 1.2 series. Gspot was written using cDc's original Unix client sources, only the front end has really changed. Right now Gspot has all of the capabilities of cDc's client for MS Windows, but also allows cut-and-paste, and a larger, more descriptive list for the commands. This is the first release of gspot. Working hack of Gordon Messmer's gspot.patch by Hackers Information Report.
infector.zip242094600Aug 16 17:14:39 1999
Infector v0.2 - BoServer crypted to avoid anti-virus software detection. By BeeOne.
lobov12.zip2166522903Aug 16 17:14:39 1999
lobo v.1.2 - Simple, yet very effective program that launches a "counter-attack" against anyone who makes the mistake of scanning you for Back Orifice servers. By Low Noise.
NBO101en.zip2446258224Aug 16 17:14:39 1999
NoBackO v1.01 - Back Orifice sniffer (english version). By BeeOne.
NBO121fr.zip1842296032Aug 16 17:14:39 1999
NoBackO v1.21 - sniffer d'attaques Back Orifice (version française). By BeeOne.
NBO130fr.zip1886361440Aug 16 17:14:40 1999
NoBackO v1.30 - Back Orifice sniffer (french version). By BeeOne.
nobo.exe162869120Aug 16 17:14:38 1999
NOBO is a program that detects Back Orifice (BO) packets in a Windows 95/98 machine. It opens the BO port and keeps waiting for any packet coming from BO clients. Once a packet is received, NOBO logs it with information about the sender (IP address and host name). NOBO can just ignore the packet or be configured to reply back with a message. NOBO web site.
nobo13.exe213574240Aug 16 17:14:41 1999
NOBO v1.3 - NOBO is a program that detects incoming Back Orifice (BO) packets on a Windows 95/98 machine. It opens the BO port and keeps waiting for any packet coming from BO clients. Once a packet is received, NOBO logs it with information about the sender (IP address and host name). NOBO can just ignore the packet or be configured to reply back with a message. This release features pingflood detection, option to configure the computer name to be returned in fake PING replies, and several bugfixes. 73k. By Flávio Veloso.
RCR1_1new.zip184478366Aug 16 17:14:41 1999
RCR Bot v1.1 - RCR Bot is a plug-in for Back Orifice. It is an IRC client, Channel Bot style. The client is fully customizable and once installed on the BO'ed machine and logged into an IRC server, it is remotely administrable through the IRC /msg or /query commands. This version has its own ident server installed. 77k. By Zhenya.
SaranWrap.zip182417567Aug 16 17:14:37 1999
SaranWrap v1.1 - BUTTplug plugin for Back Orifice. Saran Wrap 1.1 is an .exe wrapper that will install BO, and then run a specified application.
SilkRope.zip182041401Aug 16 17:14:37 1999
SilkRope v1.0 - BUTTplug plugin for Back Orifice. Silk Rope 1.0 is an evolution of the SaranWrap concept. An .exe wrapper to facilitate remote installation of BO server and execution of specified application(s).
SilkRope1.1.zip170151536Aug 16 17:14:37 1999
SilkRope v1.1 - Updated version of SilkRope Back Orifice Plugin; now with NT detection and simple encryption.
SilkRope20.zip272151536Aug 16 17:14:37 1999
Silk Rope v2.0 - EXE, instructions, and C source code. Latest version of the Back Orifice plugin, with Install/Infect Redesign. Bind your BO installer with a program of your choosing to create a single file.
Speakeasy.zip167531444Aug 16 17:14:37 1999
Speakeasy v0.1beta - Speakeasy is a Back Orifice ButtPlug that attempts to log into a predetermined IRC server on channel #BO_OWNED with a random username. It then proceeds to announce its IP address and a custom message every few minutes.
src1.41.zip1820114823Aug 16 17:14:39 1999
BoClient v1.41 source code for the BeeOne Windows version of the Back Orifice client, with a custom GUI. By BeeOne.
Srv_gIrC1_8.zip78456565Mar 29 23:13:40 2000
IRC Bot plugin for BO2K v1.0 - It is an IRC client, Channel Bot style. Is fully customizable and once logged into an IRC server, it is remotely administrable through the IRC /msg or /query commands. The bot will rejoin any channel where get kicked, reconnect on disconnect, generate random nicks on raw 432 or 433, can delete, list, copy, spawn files on remote machine through irc. Homepage here. By RazboiniK
Srv_gIrC1_81-4.zip58062241Jun 1 11:53:00 2000
IRC plugin for BO2K v1.0. It is an IRC client, Channel Bot style. Is fully customizable and once logged into an IRC server, it is remotely administrable through the IRC /msg or /query commands. The bot will rejoin any channel where get kicked, reconnect on disconnect, generate random nicks on raw 432 or 433, can delete, list, copy, spawn files on remote machine through irc. Changes: Added a packet flooder for taking down connections. Homepage here. By RazboiniK
Srv_gIrC1_81.zip79560912May 9 13:52:14 2000
IRC plugin for BO2K v1.0. It is an IRC client, Channel Bot style. Is fully customizable and once logged into an IRC server, it is remotely administrable through the IRC /msg or /query commands. The bot will rejoin any channel where get kicked, reconnect on disconnect, generate random nicks on raw 432 or 433, can delete, list, copy, spawn files on remote machine through irc... Homepage here. By RazboiniK
tp10.zip2114137260Aug 16 17:14:37 1999
Toilet Paper v1.0 - Toilet Paper is a program that claims to search for and removes the Back Orifice backdoor trojan, but actually installs it.