Junos OS offers directors with a customized command-line interface (CLI) that enables issuing Junos particular instructions, but in addition the power to modify to the underlying FreeBSD shell and use the final FreeBSD command-line instruments and packages.
The OS additionally implements a modified variant of the NetBSD Verified Exec (veriexec), a kernel-based file integrity verification subsystem whose purpose is to guard towards the execution of unauthorized binaries. As such, deploying and working any malware implant requires a bypass of this characteristic or disabling it totally, which might increase alerts.
UNC3886 developed a posh course of injection method in an effort to bypass variexec by making a hung course of utilizing the built-in and legit cat utility, writing a malicious shellcode loader to particular reminiscence areas assigned to the cat course of after which tricking the method to execute that code. For the reason that malicious code execution occurred by means of a trusted course of, variexec was bypassed.
