So I'm going to be working on a project soon. It's a backdoor for iPods / iPhones that can be exploited via SSH. I've already coded the exploit in Python to gain remote root, but I'm going to be working on a backdoor for it either in C or Python. Some backdoor functions include:
- SSH backdoor
- Execute arbitrary code
- Remote Buffer OverFlow / Heap OverFlow
- Remote VNC
- Read from files (e.g. /etc/passwd)
- Write to files (e.g. /etc/passwd)
- Download files (e.g. /var/mobile/document.pwn)
- Upload files (e.g. /home/root/expl0it.c)
- More..
Whichever you're best at really, I would probably be more help with C.
I'll probably code it in Python, as I'm better at coding sockets in Python and I already coded the remote root exploit in Python, which makes the job a whole lot easier.
Yeah true, fair enough, good luck on it! What's the ETA?
No ETA at the moment. I'm thinking about putting this all in one "meterpreter-like environment". Like a meterpreter session, but my own hand coded environment.
That sounds good, chronic. I wouldn't know how to do that.
It's actually fairly simple. Just ask for raw input by the user. I'll put pre-made commands such as the ones listed and more. Like if the user types "delete" without the quotes on "CShell" (what I'm calling the meterpreter environment), it asks for the file to delete and then deletes it.
Dude, how you gonna do the OpenSSH backdoor? Patch and recompile, or modifying the binary/running program in memory? Also, I don't understand what purpose remote bof/hof could be for. I mean, you already have it rooted, right?