
fuckchroot

发表于 : 2009-05-16 10:56
kindle
一段非常猥琐的代码,干什么用的我就是不说, :em04

#!/usr/bin/perl
#chrootfucker v1.0 -- 囗囗囗囗 'chroot' Command Kits !
#Command interpreter:
# chrootfucker.pl -chmod <permit> file1 file2 ... ---change the permission of a given target list
# chrootfucker.pl -checkfilz ---see what the admin leaves us @_@
# chrootfucker.pl -listdir <dirname> ---list the content of a certain dir
# chrootfucker.pl -guessBySSH <Opensshbanner> ---Guess Distributions using ssh banner
# chrootfucker.pl -guessByApache <Apache banner> ---Guess Distributions by Apache banner (no handler in the code posted below)
# chrootfucker.pl -showJmpCodz ---Display C code to evadz chroot control (no handler in the code posted below)

use warnings;
use strict;
#use File::stat;

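# Paths probed by -checkfilz: shells, file and network utilities, and account
# or mount configuration files. A jail built for a single service normally
# needs few of these, so the same list doubles as an audit checklist when
# reviewing what a chroot tree exposes to a confined process.
# Each path appears once, so -checkfilz cannot report the same file twice.
my @toolkits = (
    "/bin/sh",       "/bin/bash",     "/bin/ls",    "/bin/tar",   "/bin/ps",
    "/bin/ln",       "/bin/chmod",    "/bin/id",    "/bin/uname", "/bin/netstat",
    "/bin/pwd",      "/bin/which",    "/bin/cat",   "/bin/touch",
    "/usr/bin/find", "/usr/bin/wget", "/usr/bin/top",
    "/etc/passwd",   "/etc/shadow",   "/etc/group", "/etc/fstab", "/etc/issue",
);

# Static "service banner => distribution" guesses used by -guessBySSH.
# The same upstream version is shipped (and patched in place) by many
# distributions, so a hit is a hint at best, not an identification.
my %sshBanner = (
    "OpenSSH_4.6" => 'Red Hat Enterprise Linux AS release 4:Kernle 2.6.9-5.',
    "OpenSSH_4.7" => 'Fedora Core 8: Kernel Version 2.6.23.1',
);

# Same idea for Apache Server headers. Nothing in the option dispatch of this
# listing reads this table. A server configured to send a reduced banner
# (for example "ServerTokens Prod") never produces a key like the one below.
my %apacheBanner = (
    "Apache/2.2.6" => 'Fedora Core 8: Kernel Version 2.6.23.1',
);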


# Banner and usage summary. It is written to STDOUT on every run, before the
# arguments are looked at, so it also precedes the output of each option.
# $0 interpolates to the name the script was invoked as.
# The text advertises -guessByApache and -showJmpCodz, which the option
# dispatch in this listing does not handle.
my $usage_text = <<"EOF";
chrootfucker v1.0 -- 囗囗囗囗 'chroot' Command Kits !
Usage:
$0 -chmod <permit> file1 fil2 ...
$0 -checkfilz
$0 -listdir <dirname>
$0 -guessBySSH <Opensshbanner>
$0 -guessByApache <Apache banner>
$0 -showJmpCodz

EOF
print $usage_text;


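# Option dispatch: the first command-line argument selects one action and the
# remaining arguments are its operands. Only -chmod, -checkfilz, -listdir and
# -guessBySSH are handled; any other option is reported instead of being
# silently ignored.
if (@ARGV) {
    my ($option, @operands) = @ARGV;

    if ($option eq "-chmod") {
        my ($permit, @targets) = @operands;

        # oct() quietly yields 0 for a string without octal digits, which
        # would turn a typo into "chmod 0000"; insist on octal digits and on
        # at least one target before touching anything.
        if (!defined $permit || $permit !~ /\A[0-7]+\z/ || !@targets) {
            die "Usage: $0 -chmod <permit> file1 file2 ...\n";
        }

        print "Changing filez permissions\n";

        # chmod returns the number of files it actually changed.
        my $changed = chmod oct($permit), @targets;
        if ($changed != @targets) {
            warn "Only $changed of " . scalar(@targets) . " targets were changed\n";
        }

    } elsif ($option eq "-checkfilz") {
        print "Let's see what we have...\n";

        # -f is true only for an existing regular file (symlinks are followed).
        print "$_\n" for grep { -f } @toolkits;

    } elsif ($option eq "-listdir") {
        my $dir = $operands[0];
        defined $dir or die "Usage: $0 -listdir <dirname>\n";

        print "Here comes the dir list...\n";

        # Low-precedence "or" so the check applies to opendir itself; with
        # "||" the test bound to the directory name and a failed open went
        # unnoticed. A lexical handle replaces the global bareword DH.
        opendir(my $dh, $dir) or die "Can't open dir! ($dir: $!)\n";
        my @direntry = readdir($dh);
        closedir $dh;

        print "FileName Mode UID GID SIZE\n";
        for my $file (@direntry) {
            # stat returns an empty list on failure (for example a dangling
            # symlink); skip the entry rather than print a row of zeros.
            my @stat_ret = stat "$dir/$file";
            if (!@stat_ret) {
                warn "Can't stat $dir/$file: $!\n";
                next;
            }

            # Fields 2, 4, 5 and 7 of stat are mode, uid, gid and size; the
            # mask keeps the permission bits and drops the file-type bits.
            my ($mode, $uid, $gid, $size) = @stat_ret[2, 4, 5, 7];
            printf "%s\t%04o\t%d\t%d\t%d\n", $file, $mode & 07777, $uid, $gid, $size;
        }

    } elsif ($option eq "-guessBySSH") {
        my $banner = $operands[0];
        defined $banner or die "Usage: $0 -guessBySSH <Opensshbanner>\n";

        # The capture runs from "OpenSSH_" to the end of the line, so only a
        # banner that ends in a bare version string can match a table key.
        if ($banner =~ /(OpenSSH_.*)/ && defined $sshBanner{$1}) {
            print "Find Target! : \n" . $sshBanner{$1} . "\n";
        } else {
            print "Target Not Found!\n";
        }

    } else {
        print "Option '$option' is not handled by this script\n";
    }
}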

Re: fuckchroot

发表于 : 2009-05-16 10:59
tenzu
太邪恶了,虽然我没看懂

Re: fuckchroot

发表于 : 2009-05-16 11:02
peachcolor
我怎么没看出来能怎么邪恶

Re: fuckchroot

发表于 : 2009-05-21 19:02
nyliubing
代码没贴全吧,-showJmpCodz的处理代码没有

Re: fuckchroot

发表于 : 2009-05-21 19:04
nuanhuai
tenzu 写了:太邪恶了,虽然我没看懂

Re: fuckchroot

发表于 : 2009-05-21 19:48
AngelMAX
nuanhuai 写了:
tenzu 写了:太邪恶了,虽然我没看懂