the borked-again shell
for when regular old Bash just isn't malicious enough...
About • Dependencies • Configuration • Deployment • Semantics
bVsh is a fork of Bash that provides compile-time hooks for deploying and executing hidden malicious shell code.
bVsh/
├── bash/ # "hooked" fork of bash 5.2.37
├── bin/ # binary of bVsh shell
├── hooks/ # scripts built by *you* that get injected into bVsh
│ ├── init.sh # run at shell startup, after ~/.bashrc
│ ├── before.sh # run before every command that's executed
│ └── after.sh # run after every command that's executed
├── generate_backdoor.sh # modifies the source code of Bash to include the shell code in hooks/
└── build.sh # generates the binaries required to deploy bVsh
Given that bVsh is based on Bash, the only dependencies needed to build bVsh are GCC and GNU Make. If you don't know what those are or how to obtain them, then you're likely in the wrong place anyway :P
- Modify each of the shell scripts in `hooks/` to achieve desired behavior
- Configure the source code of Bash to contain the malicious scripts by running `./generate_backdoor.sh`
- Compile bVsh by running `./build.sh`
- Copy the relevant files from `bin/` to `/usr/bin`

- The `init.sh` hook is executed regardless of whether the shell is interactive or not
- The `before.sh` and `after.sh` hooks are only executed in an interactive shell
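
Because the hooks are compiled into the shell, no hook script exists on disk after deployment; what changes on the host is the binary copied into `/usr/bin`. The following is an added defensive example, not part of bVsh, that checks shell binaries against a known-good SHA-256 baseline; the baseline format, the function names `hash_file`, `check_shells` and `demo`, and the sample files are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added defensive example: compare shell binaries with a known-good baseline.
# Baseline lines use sha256sum's format (assumption): "<sha256>  <absolute path>".
# Keep the baseline off-host: whoever can overwrite /usr/bin/bash can also
# rewrite a manifest stored next to it.

# hash_file FILE: print the SHA-256 digest of FILE.
hash_file() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# check_shells BASELINE [ROOT]: print one line per deviation, return 1 if any.
# ROOT is an optional prefix, e.g. a mounted disk image examined offline.
check_shells() {
    baseline=$1 root=${2:-} bad=0
    while read -r want target; do
        [ -n "$target" ] || continue
        if [ ! -f "$root$target" ]; then
            echo "MISSING $target"; bad=1
        elif [ "$(hash_file "$root$target")" != "$want" ]; then
            echo "MODIFIED $target"; bad=1
        fi
    done < "$baseline"
    return "$bad"
}

# Constructed sample: a throwaway root holding two stand-in "shells"; one is
# overwritten after the baseline is recorded, as the copy into /usr/bin would do.
demo() {
    tmp=$(mktemp -d)
    mkdir -p "$tmp/usr/bin"
    printf 'vendor bash\n' > "$tmp/usr/bin/bash"
    printf 'vendor sh\n' > "$tmp/usr/bin/sh"
    for p in /usr/bin/bash /usr/bin/sh; do
        printf '%s  %s\n' "$(hash_file "$tmp$p")" "$p"
    done > "$tmp/baseline"
    printf 'replaced binary\n' > "$tmp/usr/bin/bash"
    rc=0
    check_shells "$tmp/baseline" "$tmp" || rc=$?
    rm -rf "$tmp"
    return "$rc"
}
```

On a package-managed host, `dpkg --verify bash` or `rpm -V bash` performs a comparable check against the checksums recorded in the package database.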
