|
96021 | 96021 | "needs_cleanup": true, |
96022 | 96022 | "actions": [] |
96023 | 96023 | }, |
| 96024 | + "exploit_linux/persistence/init_systemd_override": { |
| 96025 | + "name": "Service SystemD override.conf Persistence", |
| 96026 | + "fullname": "exploit/linux/persistence/init_systemd_override", |
| 96027 | + "aliases": [], |
| 96028 | + "rank": 600, |
| 96029 | + "disclosure_date": "2010-03-30", |
| 96030 | + "type": "exploit", |
| 96031 | + "author": [ |
| 96032 | + "h00die" |
| 96033 | + ], |
| 96034 | + "description": "This module will create an override.conf file for a SystemD service on the box.\n The ExecStartPost hook is used to launch the payload after the service is started.\n We need enough access (typically root) to write in the /etc/systemd/system\n directory and potentially restart services.\n Verified on Ubuntu 22.04", |
| 96035 | + "references": [ |
| 96036 | + "URL-https://www.freedesktop.org/software/systemd/man/latest/systemd.service.html", |
| 96037 | + "URL-https://askubuntu.com/a/659268", |
| 96038 | + "URL-https://wiki.archlinux.org/title/Systemd", |
| 96039 | + "ATT&CK-T1543.002" |
| 96040 | + ], |
| 96041 | + "platform": "Linux,Unix", |
| 96042 | + "arch": "cmd, x86, x64, armle, aarch64, ppc, mipsle, mipsbe", |
| 96043 | + "rport": null, |
| 96044 | + "autofilter_ports": [], |
| 96045 | + "autofilter_services": [], |
| 96046 | + "targets": [ |
| 96047 | + "systemd", |
| 96048 | + "systemd user" |
| 96049 | + ], |
| 96050 | + "mod_time": "2025-09-26 15:00:09 +0000", |
| 96051 | + "path": "/modules/exploits/linux/persistence/init_systemd_override.rb", |
| 96052 | + "is_install_path": true, |
| 96053 | + "ref_name": "linux/persistence/init_systemd_override", |
| 96054 | + "check": true, |
| 96055 | + "post_auth": false, |
| 96056 | + "default_credential": false, |
| 96057 | + "notes": { |
| 96058 | + "Stability": [ |
| 96059 | + "crash-safe" |
| 96060 | + ], |
| 96061 | + "Reliability": [ |
| 96062 | + "repeatable-session", |
| 96063 | + "event-dependent" |
| 96064 | + ], |
| 96065 | + "SideEffects": [ |
| 96066 | + "artifacts-on-disk", |
| 96067 | + "config-changes" |
| 96068 | + ] |
| 96069 | + }, |
| 96070 | + "session_types": [ |
| 96071 | + "shell", |
| 96072 | + "meterpreter" |
| 96073 | + ], |
| 96074 | + "needs_cleanup": true, |
| 96075 | + "actions": [] |
| 96076 | + }, |
96024 | 96077 | "exploit_linux/persistence/motd": { |
96025 | 96078 | "name": "update-motd.d Persistence", |
96026 | 96079 | "fullname": "exploit/linux/persistence/motd", |
|
0 commit comments