ptrcnull/alpine-infect
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Compare commits

base: ptrcnull:45c84c281a013d3eea7ae29e14b42e1ca3afcde3
Branches Tags
ptrcnull:master
...
compare: ptrcnull:77c9afecb17bba31bdc5fbb6f9a2717c47314b12
Branches Tags
ptrcnull:master

3 commits
45c84c281a ... 77c9afecb1

Author SHA1 Message Date
ptrcnull 77c9afecb1 fix: Set up ENI before setup-alpine 2021-12-29 06:08:05 +01:00
ptrcnull accab5dd87 fix: Add more reliable method of killing stale processes 2021-12-29 06:07:28 +01:00
ptrcnull 9c8920067f fix: Add detecting if /sbin/init is a symlink 
because systemd
 2021-12-29 06:05:02 +01:00
1 changed files with 16 additions and 3 deletions
Show stats Expand all files Collapse all files

19
infect.sh
View file

@ -73,9 +73,15 @@ echo "tty1::wait:/sbin/getty -n -l /third_stage.sh 38400 tty1" > /etc/inittab
# here be dragons
init_file=/old_root/sbin/init
init_link=$(readlink $init_file)
if [[ "$init_link" != "" ]]; then
init_file=/old_root$init_link
fi
echo -e "set follow-fork-mode child
set solib-absolute-prefix /old_root
file /old_root$(cat /proc/1/cmdline)
file $init_file
attach 1
call (int)execl(\"/sbin/init\", \"/sbin/init\", 0)
" | gdb
@ -85,13 +91,20 @@ echo '#!/bin/ash
rm third_stage.sh
# kill all remaining processes
lsof | grep old_root | awk "{print \$1}" | uniq | xargs kill -9 2>/dev/null
cd /proc
ps ax | awk "{print \$1}" | tail -n +3 | while read pid; do
if grep -qE "^/dev/\w+ / " /proc/$pid/mounts; then
kill -9 $pid
fi
done
cd /
/bin/umount -Rl old_root/* 2>/dev/null
/bin/umount old_root
# get nameservers
udhcpc
setup-interfaces -a
ifquery --list | xargs ifup
# restore inittab
mv /etc/inittab.bak /etc/inittab