Back Orifice
{{short description|Computer program for remote system administration}}
{{More citations needed|date=October 2016}}
{{Infobox software
|name = Back Orifice
|logo = Back Orifice logo.png
|logo size = 200px
|screenshot =
|caption = Screenshot of the Back Orifice client
|developer = [[Sir Dystic]] ([[Cult of the Dead Cow|cDc]])
|operating_system = [[Microsoft Windows 9x]],<br />[[UNIX]]-systems (client only)
|latest_release_version = 1.20
|latest_release_date = August 3, 1998
|genre = [[Remote administration]]
|license = [[Freeware]], <br />(source distribution, [[UNIX]] client)
|website = [http://www.cultdeadcow.com/tools/bo.html Back Orifice Homepage]
}}

'''Back Orifice''' (often shortened to '''BO''') is a [[computer program]] designed for [[remote administration|remote system administration]]. It enables a user to control a [[computer]] running the [[Microsoft Windows]] operating system from a remote location.<ref name="NYT">Richtel, Matt. "[https://www.nytimes.com/library/tech/98/08/cyber/articles/04hacker.html Hacker Group Says Program Can Exploit Microsoft Security Hole]," ''[[The New York Times]]'' August 4, 1998. Retrieved April 24, 2007.</ref> The name is a [[play on words]] on [[Microsoft BackOffice Server]] software. It can also control multiple computers at the same time using imaging.

Back Orifice has a [[client–server]] architecture.<ref>{{cite web|title=Information on Back Orifice and NetBus|url=http://www.symantec.com/avcenter/warn/backorifice.html|archive-url=https://web.archive.org/web/19990222143015/http://www.symantec.com/avcenter/warn/backorifice.html|url-status=dead|archive-date=February 22, 1999|publisher=Symantec|accessdate=8 February 2013}}</ref> A small and unobtrusive server program runs on one machine and is remotely manipulated by a client program with a [[graphical user interface]] on another computer system.
The two components communicate with one another using the [[Transmission Control Protocol|TCP]] and/or [[User Datagram Protocol|UDP]] [[transport layer|network protocols]]. In reference to the [[Leet]] phenomenon, this program commonly runs on [[TCP and UDP port|port]] 31337.<ref>{{cite web |url=https://pen-testing.sans.org/resources/papers/gcih/tracking-orifice-trojan-university-network-101743 |title=Tracking the Back Orifice Trojan On a University Network |last=Knudsen |first=Kent |page=7 |quote=The server normally binds to UDP port 31337, but it may be configured to use another port. |date=April 5, 2002 |website=sans.org |access-date=April 20, 2018 |format=PDF |archive-date=April 21, 2018 |archive-url=https://web.archive.org/web/20180421030507/https://pen-testing.sans.org/resources/papers/gcih/tracking-orifice-trojan-university-network-101743 |url-status=dead }}</ref>

The program debuted at [[DEF CON]] 6 on August 1, 1998 and was the brainchild of [[Sir Dystic]], a member of the U.S. [[Hacker (computer security)|hacker]] organization [[Cult of the Dead Cow]]. According to the group, its purpose was to demonstrate the lack of security in [[Microsoft]]'s [[Windows 9x]] series of operating systems.

Although Back Orifice has legitimate purposes, such as [[remote administration]], other factors make it suitable for illicit uses. The server can hide from cursory looks by users of the system. Since the server can be installed without user interaction, it can be distributed as the payload of a [[Trojan horse (computing)|Trojan horse]]. For those and other reasons, the [[antivirus]] industry immediately categorized the tool as [[malware]] and appended Back Orifice to their quarantine lists. Despite this fact, it was widely used by [[script kiddie]]s because of its simple [[GUI]] and ease of installation.

Two sequel applications followed it, [[Back Orifice 2000]], released in 1999, and Deep Back Orifice by French Canadian hacking group QHA.

==See also==
*[[Back Orifice 2000]]
*[[Sub7]]
*[[Trojan horse (computing)]]
*[[Malware]]
*[[Backdoor (computing)]]
*[[Rootkit]]
*[[MiniPanzer and MegaPanzer]]
*[[File binder]]

== References ==
{{reflist}}

== External links ==
* {{Official website}}

{{remote administration software}}
{{Cult of the Dead Cow}}

[[Category:Common trojan horse payloads]]
[[Category:Windows remote administration software]]
[[Category:Cult of the Dead Cow software]]