CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
Path: blob/master/documentation/modules/exploit/linux/local/bash_profile_persistence.md
Views: 1904
Description
This module establishes persistence via the Linux Bash profile method. This module makes two changes to the target system. First, the module writes a payload to a directory (/var/temp/
by default). Second, the module writes a payload execution trigger to the Bash profile (~/.bashrc
by default). The persistent payload is executed whenever the victim user opens a Bash terminal.
Vulnerable Application
This module has been tested successfully on:
Ubuntu 19 (x86_64) running GNU bash, version 5.0.3(1)-release
Verification Steps
Start
msfconsole
Get a Meterpreter session
use exploit/linux/local/bash_profile_persistence
set SESSION [SESSION]
run
On victim, open a new Bash terminal
You should get a new session with the permissions of the exploited user account
Options
BASH_PROFILE
The path to the target Bash profile. (default: ~/.bashrc
)
PAYLOAD_DIR
A writable directory file system path. (default: /var/tmp
)