System information as of Sat Dec 6 10:18:30 PST 2014
root@attack:~# crontab -l
...
# For more information see the manual pages of crontab(5) and cron(8)
#
# m h dom mon dow command
*/1 * * * * /var/www/html/crontab/root-crontab
*/1 * * * * /var/www/html/crontab/ftp-crontab
#!/bin/bash
pgrep apache2
if [ $? -eq 1 ]; then
service apache2 start
fi
pgrep mysql
if [ $? -eq 1 ]; then
service mysql start
fi
pgrep knockd
if [ $? -eq 1 ]; then
nohup /usr/sbin/knockd -c /etc/knockd.conf &
fi
#!/bin/bash
pgrep listen3000.py
if [ $? -eq 1 ]; then
nohup /var/www/html/init.d/listen3000.py &
fi
pgrep listen3001.py
if [ $? -eq 1 ]; then
nohup /var/www/html/init.d/listen3001.py &
fi
pgrep listen3100.py
if [ $? -eq 1 ]; then
nohup /var/www/html/init.d/listen3100.py &
fi
pgrep listen3200.py
if [ $? -eq 1 ]; then
nohup /var/www/html/init.d/listen3200.py &
fi
pgrep listen3300.py
if [ $? -eq 1 ]; then
nohup /var/www/html/init.d/listen3300.py &
fi
pgrep listen3400.py
if [ $? -eq 1 ]; then
nohup /var/www/html/init.d/listen3400.py &
fi
pgrep listen3500.py
if [ $? -eq 1 ]; then
nohup /var/www/html/init.d/listen3500.py &
fi
pgrep listen5000.py
if [ $? -eq 1 ]; then
nohup /var/www/html/init.d/listen5000.py &
fi
pgrep listen5090.py
if [ $? -eq 1 ]; then
nohup /var/www/html/init.d/listen5090.py &
fi
pgrep listen6000.py
if [ $? -eq 1 ]; then
nohup /var/www/html/init.d/listen6000.py &
fi
pgrep numlisten
if [ $? -eq 1 ]; then
nohup /var/www/html/init.d/numlisten &
fi
pgrep knockd
if [ $? -eq 1 ]; then
nohup /usr/sbin/knockd -c /etc/knockd.conf &
fi
#!/usr/bin/python
# Listener for CNIT 124 proj 3
# Save as /etc/init.d/listen3000
# run with nohup /etc/init.d/listen3000 &
# Ref: http://odedrabanitips.blogspot.com/2011/11/how-to-run-script-as-service-in-ubuntu.html
# Ref: http://ridingpython.blogspot.com/2011/08/turning-your-python-script-into-linux.html
import socket
s = socket.socket()
s.bind(("0.0.0.0", 3000))
s.listen(5)
while True:
c, addr = s.accept()
# print 'Got connection from ', addr
c.send('Congratulations! You found the hidden service on port 3000!')
c.close()
[options]
logfile = /var/log/knockd.log
[openclose3003]
sequence = 3100:tcp,3700:tcp
seq_timeout = 10
tcpflags = syn
start_command = nohup /var/www/html/init.d/listen3003.py &
cmd_timeout = 10
stop_command = pkill listen3003.py