Last Door Log Wiper

Last Door is a utility written to wipe specific entries in arbitrary log files. If it is setuid, it will also execute arbitrary commands without logging any history.

 ___________
|           |Linux
|<Last|Door>|Root-
| --------- |Backdoor
|         O |&
|           |Log-
|           |Cleaner
|___________|~r0ng

Hackers2DevNull.blogspot.co.uk
(The user bears responsibility)

Release Dec 2012 -V1

For a full writeup of the program, please visit my blog, URL above.

[+] What is it?

It is a backdoor program which enables a non-root user to send root commands to the system, and a log cleaner with several functions.

[+] Features?

- Hardcoded password, no prompt/blank screen unless correct password entered
- No need for user to SU prior to running
- Protection for virtual file systems
- All commands sent to system as root
- Log cleaner searches the file system for chosen strings, no finite log lists used
- Log cleaner options:
   - Search string replace with new string (e.g. change your ip in the logs)
   - Search string delete string
   - Search string delete line
   - Search string delete file contents
- Multi-string search/destroy at once
- Includes hidden files
- Maintains the file modified date despite making changes
- On running the log cleaner, the process is forked as a background daemon
   - User sets a timer prior to running so they can log out/exit, and it will clean up after they have gone.
   - If you don't log out prior to the process starting, the file search process will be displayed
   - If you do log out prior to the process starting, this will allow your .bash_history to refresh
     and be included in the search (should you want to delete your ./LastDoor command, for example).

[+] Compile/use?

- gcc LastDoor.c -o LastDoor -Wall (all std libs used)
- cp LastDoor /bin/LastDoor (for example)
- chmod u+s /bin/LastDoor (set the s bit)

- non-rootuser:~# /bin/LastDoor (run!)
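
[+] Detection (added example)

The following is an added example, not part of the original release or the author's code. It shows two host checks that follow from the feature list and install steps above: the setuid bit set on the installed binary, and log files whose modified date was put back after an edit (the inode change time, ctime, still records the edit). The default directories and the 60-second slack are assumptions.

```python
import os
import stat
import sys

def _regular_files(root):
    """Yield (path, lstat result) for each regular file under root."""
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)
            except OSError:
                continue  # vanished or unreadable; skip
            if stat.S_ISREG(st.st_mode):
                yield path, st

def find_setuid(root):
    """Return sorted (path, owner_uid) pairs for files with the setuid bit set."""
    return sorted((p, st.st_uid) for p, st in _regular_files(root)
                  if st.st_mode & stat.S_ISUID)

def find_backdated(root, slack_seconds=60):
    """Return sorted paths whose ctime is more than slack_seconds after mtime.

    utime() can put mtime back after an edit, but the kernel stamps ctime on
    every inode change and utime() cannot set it, so the gap remains.
    chmod, chown and archive extraction also cause gaps: treat hits as leads.
    """
    return sorted(p for p, st in _regular_files(root)
                  if st.st_ctime - st.st_mtime > slack_seconds)

if __name__ == "__main__":
    # Directories are assumptions; pass your own log and binary paths.
    log_dir = sys.argv[1] if len(sys.argv) > 1 else "/var/log"
    bin_dir = sys.argv[2] if len(sys.argv) > 2 else "/bin"
    for path in find_backdated(log_dir):
        print("mtime older than ctime:", path)
    for path, uid in find_setuid(bin_dir):
        print("setuid (owner uid %d): %s" % (uid, path))
```

Compare the setuid list against a known-good baseline or the package manager's file database, since legitimate setuid binaries will appear in it.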