Skip to content
/ SH13LD Public

[Keylogger && Shell Backdoor] Educational trojan horse.

4 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

SaltyMilk/SH13LD

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

26 Commits
srcs
srcs
 
 
Dockerfile
Dockerfile
 
 
README.md
README.md
 
 
run.sh
run.sh
 
 

Repository files navigation

SH13LD

Educational trojan horse.

⚠️ PLEASE DON'T BE STUPID: DO NOT RUN THIS ON YOUR SYSTEM. ⚠️

How does it work

Make will generate an exec called Durex.

If you launch it, it'll simply print a string.

In the background here's what's happening:

  • Compiling and creating a malware daemon called /bin/Durex
  • Config init.d to launch the malware at each boot of the system (call the malware service "antivirus")
  • Execute the malware

Here's what the malware does:

  • Log all keyboard inputs
  • Backdoor (root shell on network), connecting to 4242 with a password will let you pop a root shell available on port 4243
  • The malware will trick programs such as netstat, top, htop making them believe it's called FirewallService and not /bin/Durex

Run in docker

./run.sh
docker exec -it durex /bin/bash 
cd /durex/srcs; make

Run locally

cd srcs; make

About

[Keylogger && Shell Backdoor] Educational trojan horse.

Resources

Readme
Activity

Stars

4 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages