29 matches found
📄 Backdoor.Win32.Netbus.170 Blind Command Execution
This Metasploit module provides historical/educational exploitation of the Backdoor.Win32.Netbus.170 trojan, originally discovered in 1998. It represents a legacy proof-of-concept rather than a modern offensive security tool...
📄 Netbus Backdoor 1.7 Remote Code Execution
Netbus Backdoor version 1.7 Metasploit module that leverages an insecure credential storage vulnerability that then performs command injection. ============================================================================================================================================= | Title :...
📄 Backdoor.Win32.Netbus.170 MVID-2025-0703 Insecure Credential Storage
Backdoor.Win32.Netbus.170 malware listens on TCP ports 12632 and 12631. The backdoor server password "ecoli" is stored in cleartext in an .INI textfile, stored under "C:\Windows" having the same name as the malware. Third party attackers who have knowledge of the password can login and issue...
EUVD-2003-1465
Malware in sbrugna...
Backdoor.Win32.Netbus.12 Information Disclosure
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/d9822984ed546cbf3ccffd149d1d2af5.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Netbus.12 Vulnerability: Unauthenticated Information Disclosure Description: The...
Netbus 2.0 Pro Directory Listings Disclosure and File Upload Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9475/info It has been reported that Netbus may be prone to a a directory listings disclosure and file upload vulnerability that may allow and attacker to disclose sensitive information and the possibility of corrupting...
Trojan/Backdoor Detection - netbus
Binary data 6225.prm...
Nmap NSE net: netbus-info
Opens a connection to a NetBus server and extracts information about the host and the NetBus service itself. The extracted host information includes a list of running applications, and the hosts sound volume settings. The extracted service information includes it's access control list acl, server...
Nmap NSE net: netbus-version
This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Nmap NSE net: netbus-info
This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Nmap NSE net: netbus-version
Extends version detection to detect NetBuster, a honeypot service that mimes NetBus. OpenVAS Vulnerability Test $Id: gbnmapnetbusversionnet.nasl 5499 2017-03-06 13:06:09Z teissa $ Autogenerated NSE wrapper Authors: NSE-Script: Toni Ruottu NASL-Wrapper: autogenerated Copyright: NSE-Script: The Nma...
Nmap NSE net: netbus-brute
Performs brute force password auditing against the Netbus backdoor 'remote administration' service. SYNTAX: userdb: The filename of an alternate username database. unpwdb.passlimit: The maximum number of passwords 'passwords' will return default unlimited. passdb: The filename of an alternate...
Nmap NSE net: netbus-auth-bypass
Checks if a NetBus server is vulnerable to an authentication bypass vulnerability which allows ful access without knowing the password. For example a server running on TCP port 12345 on localhost with this vulnerability is accessible to anyone. An attacker could simply form a connection to the...
Nmap NSE net: netbus-auth-bypass
This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Nmap NSE net: netbus-brute
This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
netbus-auth-bypass NSE Script
Checks if a NetBus server is vulnerable to an authentication bypass vulnerability which allows full access without knowing the password. For example a server running on TCP port 12345 on localhost with this vulnerability is accessible to anyone. An attacker could simply form a connection to the...
netbus-brute NSE Script
Performs brute force password auditing against the Netbus backdoor "remote administration" service. See also: netbus-auth-bypass.nse Script Arguments passdb, unpwdb.passlimit, unpwdb.timelimit, unpwdb.userlimit, userdb See the documentation for the unpwdb library. Example Usage nmap -p 12345...
netbus-info NSE Script
Opens a connection to a NetBus server and extracts information about the host and the NetBus service itself. The extracted host information includes a list of running applications, and the hosts sound volume settings. The extracted service information includes its access control list acl, server...
netbus-version NSE Script
Extends version detection to detect NetBuster, a honeypot service that mimes NetBus. Example Usage nmap -sV -p 12345 --script netbus-version Script Output 12345/tcp open netbus Netbuster honeypot Requires nmap shortport stdnse local nmap = require "nmap" local shortport = require "shortport" loca...
CVE-2003-1475
CVE-2003-1475 concerns Netbus 1.5–1.7, where more than one client can connect concurrently but only the first connection is prompted for authentication. This misbehavior allows remote attackers to gain access to the system. Documents do not provide specific exploit steps or affected product versi...