Backdooring Linux
+ Adding a backdoor user (super visible to sysadmin)
Adding users
/usr/sbin/adduser backdoor passwd backdoor echo "backdoor ALL=(ALL) ALL" >> /etc/sudoers+ Plant a rootkit (might brand organisation unstable)
Userland rootkits
- + to a greater extent than stable
- + to a greater extent than probable to rest planted afterward organisation updates
- - to a greater extent than visible
- - less control
Kernel rootkits
- + less visible
- + consummate control
- - to a greater extent than unstable
- - to a greater extent than probable to displace problems alongside organisation updates
https://github.com/n1nj4sec/pupy https://github.com/r00tkillah/HORSEPILL http://r00tkit.me/