Using the sniffex.c program you've been playing with, modify it to create a dummy attack payload that gets called when a specific portknock is received by the sniffer.
I recommend printing BANG to the screen whenever port 1337 receives traffic.
Test it using netcat and make sure it works nicely.
Also, you've made enough changes to the source code now to name it something cool. This is important for branding.
As always, make sure that this information is being logged so that you are able to search for this implant's configuration and activation method in the future whenever you need to activate it.
- What did you do to make that work?
- Submit the link to your git commit.