Release
I'm excited to announce the release of PANIX v2.1.0 – a major update that introduces five brand-new persistence techniques and their corresponding revert scripts. This release significantly expands the versatility of PANIX, allowing you to deploy and, if necessary, safely remove persistence mechanisms with ease.
New Persistence Techniques
D-Bus Persistence
Leverage D-Bus to create an overly permissive D-Bus method that allows root-privilege reverse shell backdoors.
MITRE ATT&CK Technique: T1543
Initramfs Persistence
Modify the boot process by injecting custom payloads into the initramfs, ensuring your persistence mechanism is active before the operating system loads.
MITRE ATT&CK Technique: T1542
GRUB Persistence
Embed backdoor functionality in the bootloader configuration to execute your payload at system startup.
MITRE ATT&CK Technique: T1542
Polkit Persistence
Modify the system authentication process using Polkit rules or PKLA files, providing a stealthy backdoor to maintain control.
MITRE ATT&CK Technique: T1556
Network-Manager Persistence
Utilize NetworkManager’s dispatcher capabilities to trigger payload execution during network change events.
MITRE ATT&CK Technique: T1546
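For defenders reviewing a host against the five technique families listed above, the following audit sketch lists recently modified files in the standard locations those mechanisms rely on. It is an added example, not part of PANIX; the function name and the path list are assumptions based on common distribution layouts.

```shell
#!/bin/sh
# Added example, not part of PANIX. Defensive audit: list recently modified
# files in standard Linux locations tied to the five technique families above.
# The path list is an assumption based on common distro layouts; extend it
# for your systems.

# Usage: audit_persistence_paths ROOT DAYS
# ROOT lets you point the audit at a mounted disk image instead of "/".
# Prints "<category><TAB><path>" for files modified within the last DAYS days.
audit_persistence_paths() (
    root="${1:-/}"; root="${root%/}"
    days="${2:-7}"
    # Entries are category:find-maxdepth:path
    for entry in \
        "dbus:5:/etc/dbus-1/system.d" \
        "dbus:5:/usr/share/dbus-1/system.d" \
        "dbus:5:/usr/share/dbus-1/system-services" \
        "initramfs:1:/boot" \
        "initramfs:5:/etc/initramfs-tools" \
        "initramfs:5:/etc/dracut.conf.d" \
        "grub:1:/etc/default/grub" \
        "grub:5:/etc/default/grub.d" \
        "grub:5:/etc/grub.d" \
        "grub:5:/boot/grub" \
        "grub:5:/boot/grub2" \
        "polkit:5:/etc/polkit-1/rules.d" \
        "polkit:5:/usr/share/polkit-1/rules.d" \
        "polkit:5:/etc/polkit-1/localauthority" \
        "polkit:5:/var/lib/polkit-1/localauthority" \
        "networkmanager:5:/etc/NetworkManager/dispatcher.d" \
        "networkmanager:5:/usr/lib/NetworkManager/dispatcher.d"
    do
        category="${entry%%:*}"; rest="${entry#*:}"
        depth="${rest%%:*}";     path="${rest#*:}"
        [ -e "$root$path" ] || continue
        find "$root$path" -maxdepth "$depth" -type f -mtime "-$days" 2>/dev/null |
            while IFS= read -r f; do
                printf '%s\t%s\n' "$category" "${f#"$root"}"
            done
    done
)

# Run only when arguments are given, e.g.: sh audit.sh / 7
if [ "$#" -gt 0 ]; then audit_persistence_paths "$@"; fi
```

File modification times can be reset, so treat an empty result as inconclusive and pair this with package verification such as `dpkg -V` or `rpm -Va`.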