Demonized Shell is an Advanced Tool for persistence in linux.
Install
git clone https://github.com/MatheuZSecurity/D3m0n1z3dShell.git
cd D3m0n1z3dShell
chmod +x demonizedshell.sh
sudo ./demonizedshell.sh
One-Liner Install
Download D3m0n1z3dShell with all files:
curl -L https://github.com/MatheuZSecurity/D3m0n1z3dShell/archive/main.tar.gz | tar xz && cd D3m0n1z3dShell-main && sudo ./demonizedshell.sh
Load D3m0n1z3dShell statically (without the static-binaries directory):
sudo curl -s https://raw.githubusercontent.com/MatheuZSecurity/D3m0n1z3dShell/main/static/demonizedshell_static.sh -o /tmp/demonizedshell_static.sh && sudo bash /tmp/demonizedshell_static.sh
Demonized Features
- Auto Generate SSH keypair for all users
- APT Persistence
- Crontab Persistence
- Systemd User level
- Systemd Root Level
- Bashrc Persistence
- Privileged user & SUID bash
- LKM Rootkit Modified, Bypassing rkhunter & chkrootkit
- LKM Rootkit With file encoder. persistent icmp backdoor and others features.
- ICMP Backdoor
- LD_PRELOAD Setup PrivEsc
- Static Binaries For Process Monitoring, Dump credentials, Enumeration, Trolling and Others Binaries.
Pending Features
- LD_PRELOAD Rootkit
- Process Injection
- install for example: curl github.com/test/test/demonized.sh | bash
- Static D3m0n1z3dShell
- Intercept Syscall Write from a file
- ELF/Rootkit Anti-Reversing Technique
- PAM Backdoor
- rc.local Persistence
- init.d Persistence
- motd Persistence
- Persistence via php webshell and aspx webshell
And other types of features that will come in the future.
Contribution
If you want to contribute and help with the tool, please contact me on twitter: @MatheuzSecurity
Note
We are not responsible for any damage caused by this tool, use the tool intelligently and for educational purposes only.
0 comentários:
Post a Comment
Note: Only a member of this blog may post a comment.