metasploit-gs/documentation/modules/exploit/linux/local/apt_package_manager_persistence.md at 38bf99e729e3a09babf3d1779a787a2d40d8b71f

adam/metasploit-gs

Fork 0

Files

T

Aaron Ringo 38bf99e729 Re-add of module after jacking up rebase, with new arches,conditional logic, documentation

2019-03-30 22:04:21 -05:00

1000 B

Raw Blame History

Apt package manager persistence

This module will run a payload when the package manager is used. No handler is ran automatically so you must configure an appropriate exploit/multi/handler to connect. Module creates a pre-invoke hook for APT in apt.conf.d. The Hook name syntax is numeric followed by text.

Testing

Exploit a box that uses APT
use linux/local/apt_package_manager_persistence
set SESSION <id>
set PAYLOAD cmd/unix/reverse_python configure the payload as needed
exploit

When the system runs apt-get update the payload will launch. You must set handler accordingly.

Options

BACKDOOR_NAME Name of backdoor executable

HOOKNAME Name of pre-invoke hook to be installed in /etc/apt/apt.conf.d/ default is (05new-hook). Pre-invoke hooks name syntax is numeric followed by text.

SESSION The session to run this module on.

Advanced Options

WritableDir Writable directory for backdoor default is (/usr/local/bin/)

1000 B Raw Blame History

Apt package manager persistence

Testing

Options

Advanced Options

1000 B

Raw Blame History