1. rm -f usual_path_of_prey/usual_file_1
2. rm -f usual_path_of_prey/usual_file_2
It's also true that, before issuing 1. and 2., the system is up and running, and so there is a small window of opportunity for Prey to call the target domain and downloading instructions (if there is some network connectivity, and it's a big if) but it's not bullet-proof; so it seems to me that some kind of obfuscating executables is worth of; am I missing something?
Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds