Back Orifice

Back Orifice (often shortened to BO) is a computer program designed for remote system administration. It enables a user to control a computer running the Microsoft Windows operating system from a remote location. The name is a play on words on Microsoft BackOffice Server software. It can also control multiple computers at the same time using imaging.

Back Orifice has a client–server architecture. A small and unobtrusive server program is on one machine, which is remotely manipulated by a client program with a graphical user interface on another computer system. The two components communicate with one another using the TCP and/or UDP network protocols. In reference to the Leet phenomenon, this program commonly runs on port 31337.

The program debuted at DEF CON 6 on August 1, 1998 and was the brainchild of Sir Dystic, a member of the U.S. hacker organization Cult of the Dead Cow. According to the group, its purpose was to demonstrate the lack of security in Microsoft's Windows 9x series of operating systems.

Although Back Orifice has legitimate purposes, such as remote administration, other factors make it suitable for illicit uses. The server can hide from cursory looks by users of the system. Since the server can be installed without user interaction, it can be distributed as the payload of a Trojan horse.

For those and other reasons, the antivirus industry immediately categorized the tool as malware and appended Back Orifice to their quarantine lists. Despite this fact, it was widely used by script kiddies because of its simple GUI and ease of installation.

Two sequel applications followed it, Back Orifice 2000, released in 1999, and Deep Back Orifice by French Canadian hacking group QHA.