kkevsterrr / backdoorme Goto Github PK

View Code? Open in Web Editor NEW

741.0 741.0 152.0 862 KB

powerful auto-backdooring utility

License: MIT License

Python 77.82% C 19.01% Shell 0.15% Makefile 0.20% Batchfile 0.44% C++ 2.37%

backdoorme's People

Contributors

Stargazers

Watchers

Forkers

evil5hadow johnjohnsp1 ecthros yangke kevinmel2000 isnuryusuf suxinging gamehacker m69w caineqt mylovered zhuyue1314 joinquan dutchcoin vasco2016 taibaiyifeng webkodex diegslva stasonhub dptechma 5weet5 muhikathomas wztgex brunoom1 securitywarrior gsquid eniac888 blockwhalex gvsurenderreddy z0x010 ngbatnicdotmil lucabongiorni wflk lionj greatspider kovidonat kbahaxor sovaa clicknull awesome-security awesome-python michalkoczwara ajafixo cephurs subinacls michaeltestliu jbarcia manyfun 453483289 fiefdx mrmugiwara itys vnhacker1337 vinay166 y4b41 srijancse-zz r0ug3 awesome-archive losiry dnkls techlord-rce jack51706 spnow olivierh59500 ziv0chou phpplay yahsharahla nynhex ch4p34un0ir kabadjo samyoyo eltorobiz oscommonjs thanatoskira mehrdad-shokri own2pwn puppycodes b1gw00d tardummy01 needsecurity cnrstar iifand sireof seabreg subzeroking leixyou inc775 paran0ids0ul ericbaranowski zshell mlynchcogent 4n6strider qsdj m41doror joelone cnguyen6-certify rj1ng jerusalemsbell deelmind plebbob

backdoorme's Issues

SSH "backdoor" on a different port

Add keylogger options

although may not be entirely necessary or prudent - pupy & metasploit both come with superior keyloggers and can be started outside of our interface

respect bin poisoning aliases

system calls in C do not respect bash aliases by default, and could potentially make poison more obvious

Add option to start backdoor with boot

Run update-rc.d to add commands to startup

Move userAdd to modules

Could be a good idea to run sudo commands with new user's password, prevents from somebody changing their password and messing every backdoor up

Port setting for backdoor connections

Set a default port for each backdoor and let the user set a specific port if they're interested

Cronjobs

Add cronjob support to the remaining 5 backdoors.

Bash -
Netcat -
Netcat-traditional - Done
Metasploit - Done
Perl - Done
Pupy - Done
Python - Done

Add option to change metasploit payload

Fix module applicability to bash2

SimpleHTTPServer

Set up & background python's SimpleHTTPServer module for full filesystem access:

nohup python -m SimpleHTTPServer > /dev/null &

Customize bash & python backdoor

give user ability to change name, location, etc

add ability to switch targets within a backdoor

Add option to set scp location

Bin Poisoning

Renaming/removing/poisoning essential system calls used for defense

Remove defensive calls, like 'rm', etc
Poison outputs, like netstat
Build wrapper backdoors around functions - create 'ls' binary that calls out a backdoor and then runs the real 'ls'

This one feels particularly evil

Add feature to change ssh connection port

take module definitions out of master

dependencies.py doesn't install colorama

Firewall Control Module/Backdoor

Ability to create or take down firewall

Improve list targets output

Include which target is the current target, more information about if the session is open, and improve the overall look of the printout

check if backdoor exists before attempting to open connection

add to list command

give the user the ability to enumerate either backdoors, modules, or both.

User root option

give the user the ability to set if the account has root access to determine which options will work or not

Netcat automatically dies

And I don't know why. Netcat-traditional works fine.

Send keylogger file back to the user somehow

add ability to add more than one module at once

Run/spawn/manage backdoor shells within interface

Similarly to how metasploit can background & foreground a meterpreter and other shells, handling this within the program could be cool and powerful, and prevent us from having to open multiple windows in order to make anything work