lkm-rootkit

A rootkit implemented as a linux kernel module

##Syscall table: ###NOTICE: This kernel module is only compatible with 64-bit PCs. Please do NOT run if your PC is a 32-bit.

To load the 'rootkit' module:

make -f Makefile
sudo insmod rootkit.ko
dmesg | tail

To remove the module:

sudo rmmod rootkit

To be able to get root access:

After loading the module, Invoke the write function with the last
parameter (the count) passed as -1

To be able to hide a port:

After loading the module, Isssue the following command
echo "hp PORT_NUMBER" > /proc/rootkitproc

Name		Name	Last commit message	Last commit date
Latest commit History 33 Commits
.gitignore		.gitignore
Makefile		Makefile
README.md		README.md
README.txt		README.txt
rootkit.c		rootkit.c
testRootPart.c		testRootPart.c

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

.gitignore

.gitignore

Makefile

Makefile

README.md

README.md

README.txt

README.txt

rootkit.c

rootkit.c

testRootPart.c

testRootPart.c

Repository files navigation

lkm-rootkit

To load the 'rootkit' module:

To remove the module:

To be able to get root access:

To be able to hide a port:

About

Releases

Packages

Contributors 5

Languages

m0hamed/lkm-rootkit

Folders and files

Latest commit

History

Repository files navigation

lkm-rootkit

To load the 'rootkit' module:

To remove the module:

To be able to get root access:

To be able to hide a port:

About

Resources

Stars

Watchers

Forks

Languages