Backdoors Vulnerabilities
Name
Summary
4553 Parasite Mothership Detect
Detects the presence of 4553 parasite's mothership
Agobot.FO Backdoor Detection
Determines the presence of Agobot.FO
Alcatel OmniSwitch 7700/7800 switches backdoor
Checks for the presence of backdoor in Alcatel 7700/7800 switches
alya.cgi
Detects /cgi-bin/alya.cgi
Apache mod_rootme Backdoor
Detect mod_rootme Backdoor
BackOrifice
Determines the presence of BackOrifice
Bofra Virus Detection
Determines the presence of a Bofra virus infection resulting from an IFrame exploit
Bugbear worm
Detect Bugbear worm
Bugbear.B web backdoor
Checks for Bugbear.B web backdoor
Bugbear.B worm
Detect Bugbear.B worm
Cart32 ChangeAdminPassword
Determines the presence of Cart32
CDK Detect
Detects the presence of CDK
Check for VNC HTTP
Detects the presence of VNC HTTP
CodeRed version X detection
CodeRed version X detection
Dabber worm detection
Dabber worm detection
Dansie Shopping Cart backdoor
Determines the presence of Dansie Shopping Cart
DeepThroat
Checks for the presence of DeepThroat
Default web account on Zyxel
Logs into the Zyxel web administration
Desktop Orbiter Server Detection
Checks for the presence Desktop Orbiter
Detect Kibuv & other worms
Detect some backdoors FTP banner (KIBUV, Agobot...)
Finger backdoor
Finger cmd_root@host backdoor
Fluxay Sensor Detection
Determines the presence of Fluxay Sensor
FsSniffer Detection
Determines the presence of FsSniffer
GateCrasher
Checks for the presence of GateCrasher
GirlFriend
Checks for the presence of GirlFriend
HACKER defender finder
HACKER defender finder (All versions)
IIS Download.Ject Trojan Detection
IIS Download.Ject Trojan Detection
IIS Possible Compromise
Searches for traces of a system compromise.
IRC bot detection
Fake IDENT server (IRC bot)
IRC bot ident server detection
Determines the presence of a malicious ident server
JRun Sample Files
Checks for the presence of JRun sample files
Korgo worm detection
Korgo worm detection
Kuang2 the Virus
Checks for Kuang2 the Virus
Lion worm
Determines the presence of Lion
lovgate virus is installed
Checks for the presence of Luvgate
MoonLit Virus Backdoor
Detect MoonLit virus
MPEi/X Default Accounts
Checks for open accounts
mstream agent Detect
Detects the presence of a mstream agent
mstream handler Detect
Detects the presence of a mstream agent
MyDoom Virus Backdoor
Detect MyDoom worm
NetBus 1.x
Checks for the presence of NetBus 1.x
NetBus 2.x
Determines the presence of NetBus Pro
NetSphere Backdoor
Checks for the presence of NetSphere
Port TCP:0
Open a TCP connection to port 0
Portal of Doom
Checks for the presence of Portal of Doom
Post-Nuke Trojan Horse
Determines if post-nuke is trojaned
radmin detection
Detect radmin
radmin on port 10002 - possible GDI compromise
Detect radmin
Remote PC Access Server Detection
Checks for the presence PC Anywhere
RemotelyAnywhere SSH detection
Detect RemotelyAnywhere SSH server
RemotelyAnywhere WWW detection
Detect RemotelyAnywhere www server
RemoteNC detection
Determines the presence of RemoteNC
Sasser Virus Detection
Sasser Virus Detection
Shaft Detect
Detects the presence of Shaft
SMTP server on a strange port
An SMTP server is running on a non standard port
Stacheldraht Detect
Detects the presence of Stacheldraht
SubSeven
Determines the presence of SubSeven
SyGate Backdoor
Detects whether SyGate remote controller is running
TFN Detect
Detects the presence of TFN
TFTP backdoor
Retrieve an executable file through TFTP
The remote host is infected by the Zotob Worm
Connects to port 8888
Trin00 Detect
Detects the presence of trin00
Trin00 for Windows Detect
Detects the presence of trin00
Trinity v3 Detect
Detects the presence of trinity v3
Trojan horses
Look for potential trojan horses
Unpassworded bash account
Logs into the remote host with bash account
URCS Server Detection
Determines the presence of the URCS Server
w32.spybot.fcd worm infection
Detects if w32.spybot.fcd is installed on the remote host
WinSATAN
Checks for the presence of WinSATAN
Wollf backdoor detection
Determines the presence of Wollf
XAMPP Default FTP Account
Attempts to log in via FTP as nobody/xampp
Xerox MicroServer Unauthorized Access Vulnerabilities
Checks for unauthorized access vulnerabilities in Xerox MicroServer
Zincite.A (MyDoom.M) Backdoor
Detect MyDoom worm