Fork: 1
miura250 / linux_kernel_hacking
Download ZIP 27commits
Transfer to URL with SHA
linux_kernel_hacking / 3_RootkitTechniques / 3.1_syscalls /
latest commit a88bce44ea
@Harvey Phillips Harvey Phillips authored on 16 Jun 2020
..
Makefile hook sys_mkdir, but pathname not correct 4 years ago
README.md hook sys_mkdir, but pathname not correct 4 years ago
rootkit.c hook sys_mkdir, but pathname not correct 4 years ago
README.md

Linux Kernel Hacking

3.1: Syscall Table Hijacking

Hijacking the linux syscall table, and hooking sys_mkdir.

To use:

  • Build with make
  • Load with insmod rootkit.ko
  • Create a directory with mkdir a
  • Check output in kernel buffer with dmesg
  • Unload with rmmod rootkit