linux-rootkit

Feature-rich interactive rootkit that targets Linux kernel 4.19, accompanied by a dynamic kernel memory analysis GDB plugin for in vivo introspection (e.g. using QEMU)
git clone git://git.deurzen.net/linux-rootkit

rootkit.h (495B)


#ifndef _GROUP7_ROOTKIT_H
#define _GROUP7_ROOTKIT_H

#include "hook.h"

/*
 * Backdoor mode selector, stored in rootkit_t.backdoor.
 *
 * BD_OFF is pinned to 0, so a zero-initialised rootkit_t starts with the
 * backdoor disabled; BD_READ and BD_TTY take the following values (1, 2).
 * NOTE(review): the names suggest two different input paths (read() vs.
 * the TTY layer); this header does not show that, so confirm it in the
 * implementation.
 */
typedef enum {
    BD_OFF = 0,
    BD_READ,
    BD_TTY,
} bd_state_t;

/*
 * File-hiding mode selector, stored in rootkit_t.hiding_files.
 *
 * FH_OFF is pinned to 0 (disabled when zero-initialised).
 * NOTE(review): FH_TABLE / FH_LSTAR presumably select between hooking via
 * the syscall table and via the LSTAR MSR (the x86-64 syscall entry
 * address); confirm against the hook code. If that reading is right, the
 * two modes alter different kernel artefacts, so an integrity check would
 * have to cover both the syscall table entries and the MSR_LSTAR value.
 */
typedef enum {
    FH_OFF = 0,
    FH_TABLE,
    FH_LSTAR,
} fh_state_t;

/*
 * Aggregate state of the module: one hook array plus one switch per
 * feature. Every switch is false / *_OFF when the object is
 * zero-initialised, because both enums pin their OFF value to 0.
 *
 * NOTE(review): bool and sc_hook_t are not declared by anything visible
 * in this file; presumably both arrive through hook.h. Confirm, since
 * this header is otherwise not self-contained.
 */
typedef struct {
    /*
     * Fixed capacity of 16 hook records and no count field alongside it.
     * NOTE(review): any code that indexes hooks[] has to bound the index
     * to 16 itself; check the writers for that.
     */
    sc_hook_t hooks[16];
    bool hiding_module;      /* on/off; what is hidden is inferred from the name only */
    fh_state_t hiding_files; /* tri-state (see fh_state_t), unlike the other hiding_* flags */
    bool hiding_pids;        /* on/off */
    bool hiding_open;        /* on/off; NOTE(review): meaning of "open" not visible here */
    bool hiding_sockets;     /* on/off */
    bool hiding_packets;     /* on/off */
    bool logging_input;      /* on/off; presumably input capture, confirm in implementation */
    bd_state_t backdoor;     /* current backdoor mode (see bd_state_t) */
} rootkit_t;

#endif // _GROUP7_ROOTKIT_H