Back Orifice
From Wikipedia, the free encyclopedia
Back Orifice | |
screenshot of the Back Orifice client |
|
Developer: | Sir Dystic (cDc) |
---|---|
Latest release: | 1.20 / August 3, 1998 |
OS: | Microsoft Windows, UNIX-systems (client only) |
Use: | remote administration, trojan horse |
License: | freeware, (open source UNIX client) |
Website: | Back Orifice Homepage |
Back Orifice (often shortened to BO) is a controversial computer program designed for remote system administration. It enables a user to control a computer running the Microsoft Windows operating system from a remote location. The name is a pun on Microsoft BackOffice Server software.
Back Orifice was designed with a client-server architecture. A small and unobtrusive server program is installed on one machine, which is remotely manipulated by a client program with a graphical user interface on another computer system. The two components communicate with one another using the TCP and/or UDP network protocols. In a reference to the Leet phenomenon, this program commonly runs on port 31337.
The program debuted at DEF CON 6 on August 1, 1998. It was the brainchild of Sir Dystic, a member of the U.S. hacker organization CULT OF THE DEAD COW. According to the group, its purpose was to demonstrate the lack of security in Microsoft's operating system Windows 98.
Until recently, the versions of Microsoft Windows designed for the public were single-user desktop operating systems, which were never designed to function as secure networking platforms. Despite this, Microsoft marketed Windows as the preferred solution for computer users primarily interested in accessing the Internet. The strategy worked, and Windows enjoyed extremely high market penetration. As a result of the proliferation of Windows systems across the Internet, the operating system was ideally suited for the demonstration of a hacker tool.
Although Back Orifice has legitimate purposes, such as remote administration, there are other factors that make it suited for less benign business. The server can hide itself from cursory looks by users of the system. If wrapped inside a Trojan horse, it can be installed without trouble and used as an attack point or just to spy on or harass the unsuspecting user.
For those and other reasons, the antivirus industry immediately categorized the tool as malware and appended Back Orifice to their quarantine lists. Despite this fact, it was widely used by script kiddies because of its simple UI and ease of installation.
A sequel application, Back Orifice 2000 was released in 1999.