
Simple shell backdoor


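; Banner sent to each client on connect
Global $nWelcomeMsg = "Microshaft Winblows 1.3.37 © Bill Gaytes"
Global $nSocket = -1 ; connected client socket, -1 while nobody is connected
Global $nExecute     ; receive buffer, filled until a CRLF arrives

TCPStartup()

; Listen on the Telnet port (23) of the first local IP address; no authentication is performed
$mSocket = TCPListen(@IPAddress1, 23)
If @error Then Exit MsgBox(0 + 16, "ERROR", "Another server is already running on this port.")

While 1
    If $nSocket = -1 Then
        ; No client yet: poll for a connection and greet it with the banner and a prompt
        $nSocket = TCPAccept($mSocket)
        If Not @error Then
            TCPSend($nSocket, $nWelcomeMsg & @CRLF & @CRLF & @UserProfileDir & ">")
        EndIf
    Else
        $nRecv = TCPRecv($nSocket, 1024)
        If @error Then
            ; Client disconnected or the socket was closed: stop the server
            ExitLoop
        Else
            ; Buffer raw input (control characters such as Backspace included) until a full line is in
            $nExecute &= $nRecv
            If StringInStr($nExecute, @CRLF) Then
                $nExecute = StringReplace($nExecute, @CRLF, "")
                _Execute($nExecute)
                $nExecute = ""
                TCPSend($nSocket, @CRLF & @UserProfileDir & ">")
            EndIf
        EndIf
    EndIf
WEnd

; Handle one received line: "shutdown" closes the connection, anything else is only shown in a tooltip
Func _Execute($nExec)
    Switch $nExec
        Case "shutdown"
            TCPSend($nSocket, "Bye.")
            TCPCloseSocket($nSocket)
        Case Else
            ToolTip($nExec, 0, 0)
    EndSwitch
EndFunc   ;==>_Execute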

For everyone who's interested in it.


We don't support trojans, backdoors or viruses here. You are the people who get AutoIt flagged in virus databases.


It should be fine really. I mean after all what's wrong with a little server?

No.

It should not be fine - really. I mean, everything is wrong with this little server.

  • It gets AutoIt a bad name.
  • It's stupid.
  • You most probably did not test it because I see an error that only a dumbass can make.
  • It's made by you
  • It's made by a dumbass

Edit: More options in the list, adding a dramatic effect.

Edited by JustinReno

There is nothing wrong with this, all it is is the beginnings of a remote shell. It opens up port 23 (default telnet port), and listens for commands to be entered to it via the network.

This is no more a backdoor than any other Server that accepts user input. It's simply a server that tries to accept and run commands over Telnet, though like Manadar said, try to fix the Backspace thing, it will really mess with your commands.

Anyone old enough will remember that the first online games that involved a lot of people, were run over telnet, in almost the exact same way. They just didn't affect the actual computer it was run on in any "direct" way.

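A defender-side check for what this thread describes, a process listening on port 23, added here as an example that is not part of any post in the thread. It parses `netstat -ano` and `tasklist /fo csv /nh` output and reports port-23 listeners whose image is not on an allowlist; the sample outputs, the name `server.exe` and the allowlist itself are constructed assumptions.

```python
import csv
import io

TELNET_PORT = 23
# Assumption: the only image allowed to listen on 23 is Windows' own Telnet service.
EXPECTED_IMAGES = {"tlntsvr.exe"}

# Constructed sample of `netstat -ano` output (not captured from a real host).
NETSTAT_SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       952
  TCP    192.168.1.20:23        0.0.0.0:0              LISTENING       4312
  TCP    192.168.1.20:50111     10.0.0.5:23            ESTABLISHED     2200
  TCP    [::]:445               [::]:0                 LISTENING       4
  UDP    0.0.0.0:5353           *:*                                    1780
"""

# Constructed sample of `tasklist /fo csv /nh` output; server.exe is a made-up name.
TASKLIST_SAMPLE = """\
"System","4","Services","0","140 K"
"svchost.exe","952","Services","0","12,345 K"
"putty.exe","2200","Console","1","8,120 K"
"server.exe","4312","Console","1","9,876 K"
"""

def parse_listeners(netstat_text):
    """Yield (local_addr, port, pid) for each TCP socket in LISTENING state."""
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) == 5 and fields[0] == "TCP" and fields[3] == "LISTENING":
            addr, _, port = fields[1].rpartition(":")
            yield addr, int(port), int(fields[4])

def pid_to_image(tasklist_csv):
    """Map PID -> image name from headerless CSV tasklist output."""
    rows = csv.reader(io.StringIO(tasklist_csv))
    return {int(row[1]): row[0] for row in rows if len(row) >= 2}

def unexpected_telnet_listeners(netstat_text, tasklist_csv):
    """Return (addr, pid, image) for port-23 listeners outside the allowlist."""
    images = pid_to_image(tasklist_csv)
    return [(addr, pid, images.get(pid, "<unknown>"))
            for addr, port, pid in parse_listeners(netstat_text)
            if port == TELNET_PORT
            and images.get(pid, "<unknown>").lower() not in EXPECTED_IMAGES]

if __name__ == "__main__":
    for addr, pid, image in unexpected_telnet_listeners(NETSTAT_SAMPLE, TASKLIST_SAMPLE):
        print(f"unexpected listener on {addr}:{TELNET_PORT} pid={pid} image={image}")
```

The outbound Telnet session in the sample (remote port 23, state ESTABLISHED) is not reported, since only local LISTENING sockets on port 23 are matched.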

I think it's pretty cool myself. It's not like the script actually has anything setup to be bad. I mean sure, it has the makings to do bad things, but then again so does a lot of stuff.

Hell, FileDelete() is more predisposed to bad things than this script is right now. :)
