|
Port 31337 Details
known port assignments and vulnerabilities
threat/application/port search:
Port(s) |
Protocol |
Service |
Details |
Source |
31337 |
tcp,udp |
Back Orifice |
This port number means "elite" in hacker/cracker spelling (3=E, 1=L, 7=T) and because of the special meaning is often used for interesting stuff... Many backdoors/trojans run on this port, the most notable being Back Orifice.
Here are some others that run on the same port: Back Fire, Baron Night, Beeone, BO client, BO Facil, BO spy, BO2, cron / crontab, Freak88, Freak2k, icmp_pipe.c, Sockdmini, ADMworm, bindshell, Elite, Gummo.
Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via PCT 1.0 handshake packets.
References: [CVE-2003-0719]
aMSN (aka Alvaro's Messenger) 0.96 and earlier allows remote attackers to cause a denial of service (application crash) by sending invalid data to TCP port 31337.
References: [CVE-2007-2195] [BID-23583] [OSVDB-39116]
Stack-based buffer overflow in the pr_ctrls_recv_request function in ctrls.c in the mod_ctrls module in ProFTPD before 1.3.1rc1 allows local users to execute arbitrary code via a large reqarglen length value.
References: [CVE-2006-6563], [EDB-3333], [EDB-3330], [BID-21587]
Backdoor.Win32.Small.vjt / Unauthenticated Remote Command Execution - the malware listens on TCP port 31337. Third-party attackers who can reach the system can execute OS commands or programs further compromising the already infected machine.
References: [MVID-2021-0337]
.Net Remoting, Terraria, ncat, a netcat alternative
Eldim is a secure file upload proxy (IANA official) |
SG
|
31337 |
tcp |
|
Back Orifice - remote administration tool (often Trojan horse) (unofficial) |
Wikipedia
|
31337 |
tcp |
trojan |
ADM worm, Back Fire, Back Orifice (Lm), Back Orifice russian, BlitzNet, BO client, BO Facil, BO2, Freak88, Freak2k, NoBackO |
Trojans
|
31337 |
udp |
trojan |
Back Orifice, Deep BO |
Trojans
|
31337 |
tcp |
ADMworm |
[trojan] ADM worm |
SANS
|
31337 |
tcp |
BackFire |
[trojan] Back Fire |
SANS
|
31337 |
tcp |
BackOrifice1.20patches |
[trojan] Back Orifice 1.20 patches |
SANS
|
31337 |
tcp |
BackOrifice(Lm) |
[trojan] Back Orifice (Lm) |
SANS
|
31337 |
tcp |
BackOrificerussian |
[trojan] Back Orifice russian |
SANS
|
31337 |
tcp |
BaronNight |
[trojan] Baron Night |
SANS
|
31337 |
tcp |
Beeone |
[trojan] Beeone |
SANS
|
31337 |
tcp |
bindshell |
[trojan] bindshell |
SANS
|
31337 |
tcp |
BO2 |
[trojan] BO2 |
SANS
|
31337 |
tcp |
BOclient |
[trojan] BO client |
SANS
|
31337 |
tcp |
BOFacil |
[trojan] BO Facil |
SANS
|
31337 |
tcp |
BOspy |
[trojan] BO spy |
SANS
|
31337 |
tcp |
cron/crontab |
[trojan] cron / crontab |
SANS
|
31337 |
tcp |
DeepBO |
[trojan] Deep BO |
SANS
|
31337 |
tcp |
Elite |
Sometimes interesting stuff can be found here here |
SANS
|
31337 |
tcp |
Freak2k |
[trojan] Freak2k |
SANS
|
31337 |
tcp |
Freak88 |
[trojan] Freak88 |
SANS
|
31337 |
tcp |
Gummo |
[trojan] Gummo |
SANS
|
31337 |
tcp |
icmp_pipe.c |
[trojan] icmp_pipe.c |
SANS
|
31337 |
tcp |
LinuxRootkitIV |
[trojan] Linux Rootkit IV |
SANS
|
31337 |
udp |
BackOrifice |
cDc Back Orifice remote admin tool |
SANS
|
31337 |
udp |
BackOrifice |
[trojan] Back Orifice |
SANS
|
31337 |
tcp |
Elite |
Sometimes interesting stuff can be found here |
Nmap
|
31337 |
udp |
BackOrifice |
cDc Back Orifice remote admin tool |
Nmap
|
31337 |
udp |
BackOrifice |
[trojan] cDc Back Orifice remote admin tool |
Neophasis
|
31337 |
tcp |
psybnc |
[trojan] psybnc |
Neophasis
|
31337 |
tcp |
threat |
Back Orifice |
Bekkoame
|
31337 |
tcp |
threat |
Emcommander |
Bekkoame
|
31337 |
tcp |
threat |
Sockdmini |
Bekkoame
|
31337 |
tcp |
threat |
W32.HLLW.Gool |
Bekkoame
|
31337 |
udp |
threat |
Back Orifice Back Orifice is a backdoor program that commonly runs at this port. Scans on this port are usually looking for Back Orifice. |
Bekkoame
|
31337 |
udp |
threat |
Deep BO |
Bekkoame
|
31030-31399 |
tcp,udp |
|
Unassigned |
IANA
|
|
37 records found
Related ports: 1337
|