SSH Authorized_keys
The ssh backdoor essentially consists of leaving our ssh keys in some user’s home directory. Usually the user would be root as it’s the user with the highest privileges.
Exploitation
We are going to leverage ssh protocol to achieve persistence. We will generate a set of ssh keys with ssh-keygen.
Now that we have 2 keys. 1 private key and 1 public key, we can now go to /root/.ssh, rename our public key to authorized_keys and then leave it there.
After that, we will copy our private key to our machine and use it to login to root account whenever we want.
