adore rootkit
@@ -0,0 +1 @@
|
||||
include adore_rootkit_static::install
|
||||
BIN
modules/utilities/unix/compromised/adore_rootkit_static/files/ls
Executable file
BIN
modules/utilities/unix/compromised/adore_rootkit_static/files/ls
Executable file
Binary file not shown.
BIN
modules/utilities/unix/compromised/adore_rootkit_static/files/netstat
Executable file
BIN
modules/utilities/unix/compromised/adore_rootkit_static/files/netstat
Executable file
Binary file not shown.
BIN
modules/utilities/unix/compromised/adore_rootkit_static/files/ps
Executable file
BIN
modules/utilities/unix/compromised/adore_rootkit_static/files/ps
Executable file
Binary file not shown.
@@ -0,0 +1,27 @@
|
||||
class adore_rootkit_static::install {
|
||||
|
||||
# TODO: rootkit configuration
|
||||
# $secgen_parameters = secgen_functions::get_parameters($::base64_inputs_file)
|
||||
# $hidden_ports = join($secgen_parameters['hidden_ports'], "\|")
|
||||
# $hidden_strings = join($secgen_parameters['hidden_strings'], "\|")
|
||||
|
||||
file { '/bin/ls':
|
||||
source => 'puppet:///modules/adore_rootkit_static/ls',
|
||||
mode => '0755',
|
||||
owner => 'root',
|
||||
group => 'root',
|
||||
}
|
||||
file { '/bin/netstat':
|
||||
source => 'puppet:///modules/adore_rootkit_static/netstat',
|
||||
mode => '0755',
|
||||
owner => 'root',
|
||||
group => 'root',
|
||||
}
|
||||
file { '/bin/ps':
|
||||
source => 'puppet:///modules/adore_rootkit_static/ps',
|
||||
mode => '0755',
|
||||
owner => 'root',
|
||||
group => 'root',
|
||||
}
|
||||
|
||||
}
|
||||
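Review bot: The three `file` resources in `adore_rootkit_static::install` overwrite `/bin/ls`, `/bin/netstat` and `/bin/ps` with prebuilt binaries that this page shows only as "Binary file not shown", and nothing in the manifest pins what those blobs must contain. Adding `checksum => 'sha256',` and `checksum_value => '<SHA256_OF_FILES_LS>',` (a placeholder; one recorded digest per binary) to each resource would let Puppet check the deployed file against a reviewed digest, so a silently swapped blob in the repository does not end up root-owned on a generated VM. The class also has no header comment; `# Replaces ls, netstat and ps with trojaned static builds; intended only for SecGen-generated training VMs.` would tell a reader why system tools are being replaced. The commented-out `$hidden_ports` / `$hidden_strings` lines refer to parameters the class never uses and could be dropped until the configuration TODO is implemented.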
@@ -0,0 +1,29 @@
|
||||
<?xml version="1.0"?>
|
||||
|
||||
<utility xmlns="http://www.github/cliffe/SecGen/utility"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://www.github/cliffe/SecGen/utility">
|
||||
<name>Adore rootkit</name>
|
||||
<author>Z. Cliffe Schreuders</author>
|
||||
<module_license>MIT</module_license>
|
||||
<description>Some static rootkit binaries from the Adore rootkit. (Not compiled by SecGen.)
|
||||
</description>
|
||||
|
||||
<type>userspace_rootkit</type>
|
||||
<platform>linux</platform>
|
||||
|
||||
<!-- TODO: install Adore with configuration -->
|
||||
|
||||
<!-- <read_fact>hidden_ports</read_fact>
|
||||
<read_fact>hidden_strings</read_fact>
|
||||
|
||||
<default_input into="hidden_ports">
|
||||
<value>4444</value>
|
||||
<value>12345</value>
|
||||
</default_input>
|
||||
<default_input into="hidden_strings">
|
||||
<value>hideme</value>
|
||||
<value>hme</value>
|
||||
</default_input> -->
|
||||
|
||||
</utility>
|
||||
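Review bot: The `<description>` says only "Some static rootkit binaries", so a scenario author cannot tell from the metadata that selecting this utility replaces the VM's `/bin/ls`, `/bin/netstat` and `/bin/ps`. I would name the three tools there and record where the binaries came from and which architecture they target, since "(Not compiled by SecGen.)" leaves both open. Because the `hidden_ports` / `hidden_strings` inputs are commented out, what the binaries conceal is presumably fixed at build time; a sentence saying the hidden values are not configurable in this version would stop the commented defaults (`4444`, `12345`, `hideme`, `hme`) being read as the active ones.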