[Script][Video] evilDEB.sh (v0.1)

Links
Watch video on-line: http://g0tmi1k.blip.tv/file/3946972
Download video: http://www.mediafire.com/?3528ebkqs469g4v
Download (evilDEB.sh): http://www.mediafire.com/?7aoorgly77teuzo






What is this?
This video demonstrates how easy and dangerous it is to inject a backdoor (a metasploit payload) into a .deb file (Debian software package).


How does this work?

• Either, download or copy the .deb file to /tmp
• Extract all the files from the .deb 
• Extract any information about the .deb 
  
• Create a payload (via metasploit)
• Inject payload into the deb file
• Repackage the .deb 
• [*] Start a web server (Not needed...just "helps")
• Prepare metasploit

• [*] When the deb is run, it requires root access, which the payload takes advantage of. (=

What do I need?

• evilDEB.sh --- The script (see above)
• Metasploit --- On Backtrack 4 final
• A deb file--- Optional!

How to use it?

• bash evilDEB.sh --- No command lines - automatically downloads "xbomb" and uses that
• -i [interface] --- Changes interface (defaults is eth0 - check with ifconfig)
• -d [deb] --- Uses a different deb file. *Has to be the whole path *
• -h --- Help

 
Commands:

bash evilDEB.sh
hostname
hostname
whoami
ifconfig
cat /etc/passwd
exit
bash evilDEB.sh -h
bash evilDEB.sh -d /root/gedit_2.30.3-0ubuntu0.1_i386.deb
--------------------------------------
ifconfig
kate evilDEB.sh 

 
Notes:

• If your interface isn't eth0, you'll need to either edit the file or use "-i [interface]". Check with "ifconfig"
• This may not work with every .deb file out there!
• This is a rushed script 

Song: LMC V U2 - Take Me to the Clouds Above
Video length: 3:19
Capture length: 4:18

Blog Post: http://g0tmi1k.blogspot.com/2010/07/script-video-evildebshv01.html
Forum Post: http://www.backtrack-linux.org/forums/backtrack-videos/31062-%5Bscript%5D%5Bvidep%5D-evildeb-sh-v0-1-a.html#post170151



~g0tmi1k