Git Product home page Git Product logo

linux_kernel_rootkit's Introduction

Karthus LKM rootkit

Karthus is a part of my graduate project for the excellence program for teenagers called "Academy and industry" provieded by the teenagers academic unit of the Weizmann Institute of Science

what is it doing?

  • save keystrokes in spesific file (keylogger)
  • hide and unhide from lsmod
  • cover the tracks by cleaning code segments
  • remove the module from /sys/modules directory
  • hide tcp connections by port (only ipv4, ill add ipv6 later)
  • hide files by name
  • hide processes by pid

    • How to use:

    1. edit the rootkit settings to your peferencs (by modify the HIDE_ME (in file.h), proc_pid_to_hide (in proc.h) and PORT_HIDE in network.h)
    2. compile the file by type make
    3. run: sudo insmod rootkit.ko

    TODO:

  • edit the tool hanuleing by commands(now its just run by defulat settings)
  • hide packet using hooks of packet_rcv
  • add anti gdb fetures
  • made it more readable by .h and .c
  • add option to give root privileges to regular user
    • Tested on linux 5.4, ubuntu 20

    note: this is an education project! do not use it for illegal things

    linux_kernel_rootkit's People

    Contributors

    itamarmaouda101 avatar

    Stargazers

    avatar avatar

    Watchers

    avatar avatar

    Recommend Projects

    • React photo React

      A declarative, efficient, and flexible JavaScript library for building user interfaces.

    • Vue.js photo Vue.js

      ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

    • Typescript photo Typescript

      TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

    • TensorFlow photo TensorFlow

      An Open Source Machine Learning Framework for Everyone

    • Django photo Django

      The Web framework for perfectionists with deadlines.

    • D3 photo D3

      Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

    Recommend Topics

    • javascript

      JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

    • web

      Some thing interesting about web. New door for the world.

    • server

      A server is a program made to process requests and deliver data to clients.

    • Machine learning

      Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

    • Game

      Some thing interesting about game, make everyone happy.

    Recommend Org

    • Facebook photo Facebook

      We are working to build community through open source technology. NB: members must have two-factor auth.

    • Microsoft photo Microsoft

      Open source projects and samples from Microsoft.

    • Google photo Google

      Google โค๏ธ Open Source for everyone.

    • D3 photo D3

      Data-Driven Documents codes.