Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.Sign up
Add systemd unprivileged user persistence #11419
These changes add a new target to the Linux service persistence for "systemd user", which (if supported) will invoke
At the moment I only implimented the functionality to match the original systemd persistence features, but realistically it is possible to enforce different mechanisms for things like user logins, logouts, and a pile more as documented in
It should be noted that a couple of things I noticed,
List the steps needed to make sure this thing works
Some other notes:
Please add some module documentation for this module.
Here's a skeleton.
## Description This module will create a service on the box, and mark it for auto-restart. We need enough access to write service files and potentially restart services. ## Vulnerable Application Targets: System V: CentOS <= 5 Debian <= 6 Kali 2.0 Ubuntu <= 9.04 Upstart: CentOS 6 Fedora >= 9, < 15 Ubuntu >= 9.10, <= 14.10 systemd: CentOS 7 Debian >= 7, <=8 Fedora >= 15 Ubuntu >= 15.04 Note: System V won't restart the service if it dies, only an init change (reboot etc) will restart it. ## Verification Steps 1. Start `msfconsole` 2. Get a session 3. Do: `use exploit/linux/local/service_persistence` 4. Do: `set SESSION [SESSION]` 5. Do: `check` 6. Do: `run` 7. You should get a new session ## Options **SHELLPATH** Writable path to put our shell (default: `/usr/local/bin`) **SHELL_NAME** Name of shell file to write. **SERVICE** Name of service to create. ## Scenarios ### systemd unprivileged user persistence <your msf console output>
referenced this pull request
Mar 6, 2019