Awesome-Mirrors/awesome-linux-rootkits
1
0
Fork 0
mirror of https://github.com/milabs/awesome-linux-rootkits.git synced 2024-10-01 06:35:44 -04:00
Code Issues Packages Projects Releases Wiki Activity

Update reptile.md

Browse Source
This commit is contained in:
Ilya V. Matveychikov 2018-07-02 23:52:43 +04:00 committed by GitHub
parent 168d533802
commit 9a72d24693
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
details/reptile.md
View File

@ -32,7 +32,7 @@ Rootkit is trying to evade from detection by:
## Management interface
Implemented via `kill(2)` by hooking `sys_call_table[__NR_kill]` entry:
Implemented via `kill(2)` by hooking `sys_call_table[__NR_kill]`:
- https://github.com/linux-rootkits/Reptile/blob/master/rep_mod.c#L509
Supported commands are:
@ -58,6 +58,7 @@ Hooking of system calls by patching syscall-handlers in `sys_call_table[]`:
Filtering of file content while reading:
- hook `sys_call_table[__NR_read]`
- https://github.com/linux-rootkits/Reptile/blob/master/rep_mod.c#L282
- https://github.com/linux-rootkits/Reptile/blob/master/rep_mod.c#L638
## Hiding of files and directories