-->

Oscp - Linux Post Service Exploitation

  Oscp - Linux Post Service Exploitation

Oscp - Linux Post Service Exploitation

Backdooring Linux

+ Adding a backdoor user (super visible to sysadmin)

Adding users

/usr/sbin/adduser backdoor passwd backdoor echo "backdoor ALL=(ALL) ALL" >> /etc/sudoers
+ Plant a rootkit (might brand organisation unstable)

Userland rootkits

  • + to a greater extent than stable
  • + to a greater extent than probable to rest planted afterward organisation updates
  • - to a greater extent than visible
  • - less control

Kernel rootkits

  • + less visible
  • + consummate control
  • - to a greater extent than unstable
  • - to a greater extent than probable to displace problems alongside organisation updates
https://github.com/n1nj4sec/pupy https://github.com/r00tkillah/HORSEPILL http://r00tkit.me/

Resources

http://pentestmonkey.net/blog/post-exploitation-without-a-tty
https://www.blackhat.com/docs/us-16/materials/us-16-Leibowitz-Horse-Pill-A-New-Type-Of-Linux-Rootkit.pdf


7:22:00 AM  Articles

Next Post
Previous Post
Blogger
Disqus
Pilih Sistem Komentar

No comments

Advertiser