diff --git a/docs/guides/security/vulnerabilities/linux-red-team-defense-evasion-rootkits/index.md b/docs/guides/security/vulnerabilities/linux-red-team-defense-evasion-rootkits/index.md index 3c3991911ba..fc2cdefd86b 100644 --- a/docs/guides/security/vulnerabilities/linux-red-team-defense-evasion-rootkits/index.md +++ b/docs/guides/security/vulnerabilities/linux-red-team-defense-evasion-rootkits/index.md @@ -79,8 +79,6 @@ We can leverage the ability to load Apache2 modules to load our own rootkit modu Command injection vulnerabilities allow attackers to execute arbitrary commands on the target operating system. -To achieve this, we will be using the apache-rootkit module that can be found here: https://github.com/ChristianPapathanasiou/apache-rootkit - Apache-rootkit is a malicious Apache module with rootkit functionality that can be loaded into an Apache2 configuration with ease and with minimal artifacts. The following procedures outline the process of setting up the apache-rootkit module on a target Linux system: @@ -97,10 +95,7 @@ The following procedures outline the process of setting up the apache-rootkit mo cd /tmp -1. The next step will involve cloning the apache-rootkit repository on to the target system, this can be done by running the following command: - - git clone https://github.com/ChristianPapathanasiou/apache-rootkit.git - +1. The next step will involve cloning the apache-rootkit repository on to the target system. 1. After cloning the repository you will need to navigate to the “apache-rootkit” directory: cd apache-rootkit 
@@ -215,4 +210,4 @@ Given that the target server is running the LAMP stack, we can create a PHP mete ![Meterpreter session receiving connection from Commix PHP backdoor](meterpreter-session-receiving-connection-from-commix-php-backdoor.png "Meterpreter session receiving connection from Commix PHP backdoor") - We have been able to successfully set up the apache-rootkit module and leverage the command injection functionality afforded by the module to execute arbitrary commands on the target system as well as upload a PHP backdoor that will provide you with a meterpreter session. \ No newline at end of file + We have been able to successfully set up the apache-rootkit module and leverage the command injection functionality afforded by the module to execute arbitrary commands on the target system as well as upload a PHP backdoor that will provide you with a meterpreter session.
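Review bot: in the first hunk (@@ -79,8 +79,6 @@), deleting the whole "To achieve this, we will be using the apache-rootkit module that can be found here: ..." sentence removes the bridge between the command injection definition and the module description, so the guide now jumps straight to "Apache-rootkit is a malicious Apache module ..." with no sentence saying that this is the module the walkthrough uses. If the intent is only to drop the external link, keep the sentence without the URL, for example "To achieve this, we will be using the apache-rootkit module.", so the section still reads coherently.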
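Review bot: in the second hunk (@@ -97,10 +95,7 @@), the rewritten step "The next step will involve cloning the apache-rootkit repository on to the target system." still instructs the reader to clone a repository, but the command and the source have been removed, and the following step still opens with "After cloning the repository". The procedure now depends on an action the guide no longer documents. Reword both steps so they are consistent with the removal (for example, say that the module is assumed to be present already in a directory under /tmp), or drop the step and renumber. While editing that line, "on to" should be "onto". The hunk also deletes the blank line that used to separate this step from the next list item, so check that the list and the indented `cd apache-rootkit` block still render as intended.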