Latest LQ Deal: Complete CCNA, CCNP & Red Hat Certification Training Bundle
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 10-07-2012, 08:54 PM   #1
Registered: Jul 2009
Posts: 42

Rep: Reputation: 0
ssh through a .php, backdoor

I have an apache + php server running and I want to install a backdoor. I am the root of the server, but I want to have a backdoor in case I lose root password or somebody hacks me. So, I was thinking to install a .php script somewhere deep down under DOCUMENT_ROOT that does exec() of some command that would convert the 'httpd' process into 'sshd' process but leaving the filedescriptor of open connection on port 80. On the client side, I would use my own program made in C , that would telnet to port 80 and also exec() ssh client. So my question is, is it possible to take a web connection and replace it with ssh on both ends ?

Would be this too difficult? Have someone did something like this?

Thanks in advance.
Old 10-07-2012, 09:09 PM   #2
Registered: Aug 2008
Location: Nova Scotia, Canada
Distribution: Slackware, OpenBSD, others periodically
Posts: 512

Rep: Reputation: 139Reputation: 139
It could be done but would be rather dangerous, even using SSL. And if the point is secure access do not use telnet as passwords are sent in clear text. Why not just run sshd for remote access?
Old 10-08-2012, 03:20 AM   #3
Registered: Aug 2011
Location: Chennai,India
Distribution: Redhat,Centos,Ubuntu,Dedian
Posts: 558
Blog Entries: 5

Rep: Reputation: Disabled

that would telnet to port 80
Its not advised to use telnet to login into server .Normally the data tranmitted via telnet is unencrypted(Plain-text) Format.Its better advise to use SSH sets up encrypted data transfer and logins and is more secure.Even normall ssh login is not a better paractice.SSH passwordless login is advised .What your currently trying out ,could mainly leads to hacking off your server
Old 10-08-2012, 08:46 AM   #4
Senior Member
Registered: Jul 2007
Distribution: Ubuntu 10.10, Slackware 64-current
Posts: 2,124

Rep: Reputation: 778Reputation: 778Reputation: 778Reputation: 778Reputation: 778Reputation: 778Reputation: 778
What you are describing sounds a lot like port knocking.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Backdoor to server? Joe of Loath Linux - Server 16 11-29-2010 06:36 AM
Trojan program Backdoor.PHP.C99Shell.p austrumi b4gi Linux - Security 5 01-21-2008 12:01 PM
Yet another backdoor for IE.... r_jensen11 General 11 06-29-2004 11:31 AM
backdoor im1crazyassmofo Linux - General 3 01-16-2003 06:54 PM
SSH 2 as a backdoor? help me fenris@bu Linux - Security 3 05-24-2001 12:12 PM > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 10:52 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration