[WEBINAR] The New Normal: Dealing with the Reality of an Unsecure World

Back Orifice (BO)

Definition - What does Back Orifice (BO) mean?

Back Orifice (BO) is a remote administration system that allows a user to take full control of a computer remotely running the Microsoft Windows operating system (OS) across a TCP/IP connection, either through a simple console or graphical user interface (GUI).

BO actually gives the remote machine more control over a local area network (LAN) or through the Internet, that it does with the person sitting in front of a computer. The program is quite controversial, as it was developed to demonstrate the lack of security in the Windows 98 OS and has all the potential capabilities needs by hackers, despite having a legitimate purpose, like remote administration.

The name is a play on words of Microsoft’s BackOffice Server software.

Techopedia explains Back Orifice (BO)

BO was developed by American hacker Josh Buchbinder, also known as Sir Dystic, to expose the security capabilities of Windows 98.

The application came in the form of a remote administration system that is remotely installed without user interaction and does not show up in the task manager panel, so it cannot be killed. It restarts itself each time the OS starts. The system's client side is installed on another computer where the administrator can take control of the remote computer.

BO has the following capabilities:

  • System control: Allows the administrator to remotely log key strokes or lock/reboot the machine. It can get detailed machine information, including access to all drives and passwords saved or cached by the OS or user.
  • File system control: Allows total control of the file system from copying, modifying, locking and deleting to compression and decompression
  • Process control: Spawns or kills processes at will
  • Multimedia and application control: Controls any multimedia device, such as the computer’s webcam or microphone, plays audio/video (A/V) files, take screenshots and more
  • Network control: Functions as an integrated packet sniffer, allowing the monitoring of data, logs and any passwords while redirecting any incoming packet to any port toward any other port or address

Even with a legitimate purpose like remote administration, the server hides itself from the system and can be distributed as the payload of a Trojan horse. Because of this, the antivirus industry categorizes the tool as malware and immediately quarantines the software.

Techopedia Deals

Connect with us

Techopedia on Linkedin
Techopedia on Linkedin
"Techopedia" on Twitter

Sign up for Techopedia's Free Newsletter!

Email Newsletter

Join thousands of others with our weekly newsletter

Free Whitepaper: The Path to Hybrid Cloud
Free Whitepaper: The Path to Hybrid Cloud:
The Path to Hybrid Cloud: Intelligent Bursting To Amazon Web Services & Microsoft Azure
Free E-Book: Public Cloud Guide
Free E-Book: Public Cloud Guide:
This white paper is for leaders of Operations, Engineering, or Infrastructure teams who are creating or executing an IT roadmap.
Free Tool: Virtual Health Monitor
Free Tool: Virtual Health Monitor:
Virtual Health Monitor is a free virtualization monitoring and reporting tool for VMware, Hyper-V, RHEV, and XenServer environments.
Free 30 Day Trial – Turbonomic
Free 30 Day Trial – Turbonomic:
Turbonomic delivers an autonomic platform where virtual and cloud environments self-manage in real-time to assure application performance.