Updates rooty - libpcap based ICMP encrypted backdoor for linux.

Updates rooty – libpcap based ICMP encrypted backdoor for linux.

Latest Changes 26/2/2016:
– Removing FreeBSD and CCDC files for now.
– msf & src; Moving everything to ICMP echo request ID.

Rooty based idea from SilentDoor  ; PCAP-based backdoor for linux that uses packet sniffing to bypass netfilter. It sniffs for UDP packets on port 53, runs each packet against a decryption scheme, if the packet validates than it runs a command. Can be masked to look like any other process. Remote command utility included.
Also includes the ability to send shellcode for execution and a connectionless shell functionality

rooty client.py

rooty client.py

+ To build, you only need to have libpcap development files installed.
+ Then you should only have to run make.
+ To make a debug build with error message run: make debug
+ If you have upx installed and would liked a packed version: make upx

Now requires https://github.com/SoldierX/libhijack for shellcode injection into other processes.

Installation:

Download : Master.zip  | Clone Url | Our Post Before
Source : https://github.com/linuxgeek247