Fork: 1
miura250 / linux_kernel_hacking
Download ZIP 26commits
Transfer to URL with SHA
linux_kernel_hacking / 3_RootkitTechniques / 3.0_hiding_lkm /
latest commit c54a282014
@Harvey Phillips Harvey Phillips authored on 15 Jun 2020
..
Makefile add hiding lkms 4 years ago
README.md add inspiration 4 years ago
rootkit.c add hiding lkms 4 years ago
README.md

Linux Kernel Hacking

3.0: Hiding Kernel Modules

Hide a kernel module after loading it

To use:

  • Build with make
  • Load with insmod rootkit.ko
  • Check output in kernel buffer with dmesg
  • See that the module is missing from the output of lsmod

NOTE: Currently, you can't unload this kernel module without rebooting

Inspired, in part, by this repo.