Bashrc thing
#1
It's a dumb trick but quite effective.

Utilizing .bashrc on some Linux distributions, you can create a persistent payload. Note that it does not matter what the payload is, as long as you have access to the victims .bashrc it should work.

I recommend hiding it in a harmless install.sh script or something that gets ran at root, to write to .bashrc you sometimes need root but currently on Linux Mint you don't.

Steps:
1. have a payload ready.
2. have an entry point.
3. append your payload to .bashrc, you can hide it if you want.
4. if you have to make up a reason to ask for root on startup like "Linux mint had a security update, please enter your root password to enter your terminal..."
5. enjoy you have a persistent payload now.
Reply
#2
Or?

~/.config/autostart/ (Hidden folder and files.)

[Desktop Entry]
StartupNotify=false
Terminal=false

###

[Defensive]

A) Did you know that you can run a VM as read-only?

B) Live DVD / Live CD https://en.wikipedia.org/wiki/Live_CD
Reply
#3
This is a very good method, but very noisy. A lot of people who use linux are used to modifying this file to add aliases or similar stuff. Also, it is often monitored.
Reply