Back Orifice 2000

related topics
{system, computer, user}
{law, state, case}
{math, number, function}
{disease, patient, cell}
{group, member, jewish}
{car, race, vehicle}
{government, party, election}
{@card@, make, design}

Back Orifice 2000 (often shortened to BO2k) is a computer program designed for remote system administration. It enables a user to control a computer running the Microsoft Windows operating system from a remote location. The name is a pun on Microsoft BackOffice Server software.

BO2k debuted on July 10, 1999 at DEF CON 7 computer security convention in Las Vegas, Nevada. It was originally written by Dildog, a member of US hacker group cDc. It was a successor to the cDc's Back Orifice remote administration tool, released the previous year. As of 2007, BO2k is being actively developed.

Whereas the original Back Orifice was limited to the Windows 95 and Windows 98 operating systems, BO2k also supports Windows NT, Windows 2000 and Windows XP. Some BO2k client functionality has also been implemented for Linux-systems. In addition, BO2k was released as free software, which allows one to port it to other operating systems.

Contents

Plugins

BO2k has a plugin architecture. The optional plugins include

  • communication encryption with AES, serpent, CAST-256, IDEA or Blowfish encryption algorithms
  • network address altering notification by email and cgi
  • total remote file control
  • remote Windows registry editing
  • watching at the desktop remotely by streaming video
  • remote control of both the keyboard and the mouse
  • a chat, allowing administrator to discuss with users
  • option to hide things from system (rootkit behaviour, based on FU Rootkit)
  • accessing systems hidden by a firewall (the administrated system can form a connection outward to the administrators computer. Optionally, to escape even more connection problems, the communication can be done by a web browser the user uses to surf the web.)
  • forming connection chains through a number of administrated systems
  • client-less remote administration over IRC
  • on-line keypress recording.

Controversy

Back Orifice and Back Orifice 2000 are widely regarded as malware, tools intended to be used as a combined rootkit and backdoor. For example at present much antivirus software identifies them as trojan horses[1][2][3][4][5]. This classification is justified by the fact that BO2k is often installed by a trojan horse, in cases where it is used by a criminal behind the systems administrator's back. System administrators are supposed to realize this and ignore the alerts when they are using BO2k for administration of their system.

Full article ▸

related documents
Fsck
Fractal transform
Handshaking
Session Description Protocol
Inter-process communication
Intel 8008
Information technology
Wikipedia:Federal Standard 1037C terms/computer hardware terms
Presentation Layer
Delay encoding
Round-trip delay time
Freescale DragonBall
Low-power communication device
Star coupler
Risc PC
Java Data Objects
Interior Gateway Routing Protocol
Internet Relay Chat channel operator
Undernet
Vertical interval timecode
16-bit
Microphone array
BOS/360
Undocumented feature
Automatic number announcement circuit
Transatlantic telephone cable
Vertical blank interrupt
Off-hook
XPilot
Communications in South Africa