Wrote this program back in 2004 and had posted it using a pseudonym. I cleaned it up a tiny bit, and it is fully functional. The backdoor puts the interface in promiscuous mode and does not open a listen()ing socket until it sees 5 packets on port 5000 within a 60 second period. At this point it launches a listening socket bound to /bin/bash and voila, backdoor. I plan on cleaning up the code even further and adding a little functionality, recommendations are welcome.