The appearance of the backtrack
_ | |
____ _ _ ____ ___ _| |_| |__ ___ _____
/ ___) | | | \ / _ (_ _) _ \ / _ \(____ |
( (___| |_| | | | | |_| || |_| | | | |_| / ___ |
\____)\__ |_|_|_|\___/ \__)_| |_|\___/\_____|
(____/
Ver.1 (alpha) - Runtime shellcode injection, for stealthy backdoors...
By codwizard (codwizard@gmail.com) and crossbower (crossbower@gmail.com)
from ES-Malaria by ElectronicSouls (http://www.0x4553.org).
Usage:
cymothoa -p <pid> -s <shellcode_number> [options]
Main options:
-p process pid
-s shellcode number
-l memory region name for shellcode injection (default /lib/ld)
see /proc/pid/maps...
-h print this help screen
-S list available shellcodes
Payload personalization options:
-x set the IP
-y set the port number
-r set the port number 2
-z set the username (3 bytes)
-o set the password (8 bytes)
-i set the interpreter (def /bin/bash)
-c set the script code (from cmd line)
-F do not fork parent process
root@bt:/pentest/backdoors/cymothoa# ls
cymothoa cymothoa.c cymothoa.h fork_shellcode.o fork_shellcode.s Makefile payloads.h personalization.h script.pl
root@bt:/pentest/backdoors/cymothoa# cp cymothoa.c /var/www/
root@bt:/pentest/backdoors/cymothoa# service apache2 start
* Starting web server apache2 [ OK ]
root@bt:/pentest/backdoors/cymothoa# cd /var/www/
root@bt:/var/www# la
beef cymothoa.c .directory dvwa DVWA-1.0.7.zip fbip index.html wstool
root@bt:/var/www# ls
beef cymothoa.c dvwa DVWA-1.0.7.zip fbip index.html wstool
root@bt:/var/www# mkdir cy
root@bt:/var/www# mc cymothoa.c cy
cy/ cymothoa.c
root@bt:/var/www# mc cymothoa.c cy
cy/ cymothoa.c
root@bt:/var/www# mc cymothoa.c cy/
The program 'mc' is currently not installed. You can install it by typing:
apt-get install mc
You will have to enable the component called 'universe'
root@bt:/var/www# mv cymothoa.c cy/
NB:
- NC was unable to execute bash comman
- Cymotoa work I downloaded through the browser but the error and can not be compiled into the ubuntu that
- I use For the sequel I will continue using ubuntu that has been upgraded
