Developer(s) | Sir Dystic (cDc) |
---|---|
Stable release | |
Operating system | Microsoft Windows, UNIX-systems (client only) |
Type | Remote administration |
License | Freeware, (source distribution, UNIX client) |
Website | Back Orifice Homepage |
Remove Back Orifice 2000 - Remote Access Trojan (RAT) Remote Access Trojan or RAT for short is form of trojan horse that is often called backdoor because it provides the intruder, or remote user (hacker) special access (hole) to your PC from some control features to full control. The client can this way completely control the remote computer in which the server is installed. HotCat and CoolCat can be compared with other similar applications as NetBus or Back Orifice, but have a more complete set of functions and is a serious administration tool. HotCat and CoolCat run in Windows 95/98/ME/NT/2000.
Back Orifice (often shortened to BO) is a computer program designed for remote system administration. It enables a user to control a computer running the Microsoft Windows operating system from a remote location.[1] The name is a play on words on Microsoft BackOffice Server software. It can also control multiple computers at the same time using imaging.
Back Orifice was designed with a client–server architecture.[2] A small and unobtrusive server program is installed on one machine, which is remotely manipulated by a client program with a graphical user interface on another computer system. The two components communicate with one another using the TCP and/or UDPnetwork protocols. In a reference to the Leet phenomenon, this program commonly runs on port 31337.[3]
The program debuted at DEF CON 6 on August 1, 1998. It was the brainchild of Sir Dystic, a member of the U.S. hacker organization Cult of the Dead Cow. According to the group, its purpose was to demonstrate the lack of security in Microsoft's operating systemWindows 98.
Although Back Orifice has legitimate purposes, such as remote administration, there are other factors that make it suited for less benign uses. The server can hide itself from cursory looks by users of the system. As the server can be installed without user interaction, it can be distributed as payload of a Trojan horse.
![Trojan Trojan](http://www.alenka.freeservers.com/netbus/netbus.gif)
For those and other reasons, the antivirus industry immediately categorized the tool as malware and appended Back Orifice to their quarantine lists. Despite this fact, it was widely used by script kiddies because of its simple GUI and ease of installation.
Two sequel applications followed it, Back Orifice 2000, released in 1999, and Deep Back Orifice by French Canadian hacking group QHA.
See also[edit]
References[edit]
- ^Richtel, Matt. 'Hacker Group Says Program Can Exploit Microsoft Security Hole,' The New York Times August 4, 1998. Retrieved April 24, 2007.
- ^'Information on Back Orifice and NetBus'. Symantec. Retrieved 8 February 2013.
- ^Knudsen, Kent (April 5, 2002). 'Tracking the Back Orifice Trojan On a University Network'(PDF). sans.org. p. 7. Retrieved April 20, 2018.
The server normally binds to UDP port 31337, but it may be configured to use another port.
External links[edit]
- Official website
Retrieved from 'https://en.wikipedia.org/w/index.php?title=Back_Orifice&oldid=912316348'