This script will download the PAM source code, patch it to add an hardcoded skeleton key password, and compile it.
There’s also a script to detect backdoored pam_unix.so files like this: linux-pam-backdoor-detect.sh
This scripts looks if there is an extra string between the following strings:
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Source: Read More (SANS Internet Storm Center, InfoCON: green)