Fireelf - Fileless Linux Malware Framework
Wednesday, September 11, 2019
fireELF is an open-source, cross-platform fileless Linux malware framework that lets users easily create and manage payloads. By default it comes with 'memfd_create', which is a new way to run Linux ELF executables completely from memory, without having the binary touch the hard drive.
Features
- Choose and build payloads.
- Ability to minify payloads.
- Ability to shorten payloads by uploading the payload source to a pastebin; it then creates a very small stager compatible with python <= 2.7, which allows for easy deployment.
- Output created payload to file.
- Ability to create a payload from either a URL or a local binary.
Included payload memfd_create
The only included payload, 'memfd_create', is based on the research of Stuart. This payload creates an anonymous file descriptor in memory and then uses fexecve to execute the binary directly from the file descriptor. This allows execution completely in memory, which means that if the Linux system gets restarted, the payload will be nowhere to be found.
Creating a Payload
By default fireELF comes with 'memfd_create', but users can develop their own payloads. By default the payloads are stored in payloads/, and in order to create a valid payload you simply need to include a dictionary named 'desc' with the parameters 'name', 'description', 'archs', and 'python_vers'. An example desc dictionary is below:

    desc = {"name" : "test payload", "description" : "new memory injection or fileless elf payload", "archs" : "all", "python_vers" : ">2.5"}

In addition to the 'desc' dictionary, the entry point the plugin engine I built uses requires a main function, which will automatically get passed two parameters: the first is a boolean that, if true, means it is getting passed a URL; the second parameter it gets passed is the data. An example of a simple entry point is below:

    def main(is_url, url_or_payload):  # is_url: True when url_or_payload is a URL
        return

If you have a method, feel free to commit a payload!
Installation
Download the dependencies by running:

    pip3 install -U -r dep.txt

fireELF is developed in Python 3.x.x
Usage

    usage: main.py [-h] [-s] [-p PAYLOAD_NAME] [-w PAYLOAD_FILENAME]
                   (-u PAYLOAD_URL | -e EXECUTABLE_PATH)

    fireELF, Linux Fileless Malware Generator

    optional arguments:
      -h, --help            show this help message and exit
      -s                    Supress Banner
      -p PAYLOAD_NAME       Name of Payload to Use
      -w PAYLOAD_FILENAME   Name of File to Write Payload to (Highly
                            Recommended if You're not Using the Paste Site
                            Option)
      -u PAYLOAD_URL        Url of Payload to be Executed
      -e EXECUTABLE_PATH    Location of Executable
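
Detecting the memfd_create technique: a binary started from an anonymous memory file descriptor, as the included payload does, is visible while it runs, because the process's /proc/<pid>/exe link points at a "/memfd:" name instead of a path on disk. The check below is an added example, not part of fireELF or the original article; the function names and the sample maps lines are constructed for illustration.

```python
import os
from pathlib import Path

MEMFD_PREFIX = "/memfd:"  # how the kernel names memfd_create() files in /proc

# Constructed sample of /proc/<pid>/maps lines (not captured from a real host).
SAMPLE_MAPS = """\
00400000-004a1000 r-xp 00000000 00:05 48213      /memfd:demo (deleted)
7f2b1c000000-7f2b1c021000 rw-s 00000000 00:05 48950      /memfd:shm-buffer (deleted)
7f2b1d400000-7f2b1d5c0000 r-xp 00000000 08:01 131222     /usr/lib/x86_64-linux-gnu/libc.so.6
7ffd3a1e0000-7ffd3a201000 rw-p 00000000 00:00 0          [stack]
"""

def exe_is_memfd(exe_target):
    """True when a /proc/<pid>/exe link target is a memfd, not a file on disk."""
    return exe_target.startswith(MEMFD_PREFIX)

def executable_memfd_mappings(maps_text):
    """Return memfd paths that are mapped with execute permission."""
    hits = []
    for line in maps_text.splitlines():
        fields = line.split(None, 5)  # address perms offset dev inode path
        if len(fields) == 6 and "x" in fields[1] and fields[5].startswith(MEMFD_PREFIX):
            hits.append(fields[5].strip())
    return hits

def read_or_empty(path, reader):
    """Read one /proc entry; exited processes and denied reads yield ''."""
    try:
        return reader(path)
    except (OSError, UnicodeDecodeError):
        return ""

def scan_proc(proc_root="/proc"):
    """Return (pid, exe_target, executable_memfd_paths) for flagged processes."""
    findings = []
    for entry in sorted(e for e in os.listdir(proc_root) if e.isdigit()):
        base = Path(proc_root, entry)
        exe = read_or_empty(base / "exe", os.readlink)
        maps = read_or_empty(base / "maps", Path.read_text)
        mapped = executable_memfd_mappings(maps)
        if exe_is_memfd(exe) or mapped:
            findings.append((int(entry), exe, mapped))
    return findings

if __name__ == "__main__":
    for pid, exe, mapped in scan_proc():
        print(pid, exe, mapped)
```

Legitimate software can also use memfd, so a maps-only hit is a lead to triage, while an exe link that points at a memfd is the stronger signal.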