HTDark | Underground Hacking Forum and Cybersecurity Community
  • Earn real money by being active: Hello Guest, earn real money by simply being active on the forum — post quality content, get reactions, and help the community. Once you reach the minimum credit amount, you’ll be able to withdraw your balance directly. Learn how it works.

Ddoor - Cross Platform Backdoor Using Dns Txt Records

Status
Not open for further replies.
itsMe

itsMe

*KillmeMories*
Staff member
Administrator
Super Moderator
Hacker
Specter
Crawler
Shadow
Joined
Jan 8, 2019
Messages
56,621
Solutions
2
Reputation
32
Reaction score
100,455
Points
2,313
Credits
32,730
‎6 Years of Service‎
 
76%
screenshot-747.png


Cross-platform backdoor using dns txt records.

What is ddor?
ddor is a cross platform light weight backdoor that uses txt records to execute commands on infected machines.

Features

    Allows a single txt record to have seperate commands for both linux and windows machines
    List of around 10 public DNS servers that it randomly chooses from
    Unpredictable call back times
    Encrypts txt record using xor with custom password

Linux Features:

    Anti-Debugging, if ptrace is detected as being attached to the process it will exit.
    Process Name/Thread names are cloaked, a fake name overwrites all of the system arguments and file name to make it seem like a legitimate program.
    Automatically Daemonizes
    Tries to set GUID/UID to 0 (root)

Windows Features:

    Hides Console Window
    Stub Size of around 20kb

To see this hidden content, you must like this content.
 
Status
Not open for further replies.
Back
Top