Skip to content
/ Rootkit Public

A simple rootkit that hooks the fork system call

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

seifashraf1/Rootkit

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
fork_hook.c
fork_hook.c
 
 
fork_hook_API.c
fork_hook_API.c
 
 

Repository files navigation

Rootkit

A simple system call hook rootkit that hooks the fork system call

How to compile this kernel module?

1- Make 2- insmod fork_hook.ko -you will find in "dmesg | tail" the syscall and fork address from sysmap and the fork counter each 10 times 3- rmmod fork_hook.ko -to remove the module

NOTE

KERNEL may crashes if you reinserted the module multiple times.

SEIF ASHRAF

About

A simple rootkit that hooks the fork system call

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages