Awesome-Mirrors
/
awesome-linux-rootkits
mirror of https://github.com/milabs/awesome-linux-rootkits.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update reptile.md

This commit is contained in:
Ilya V. Matveychikov 2018-07-02 20:34:55 +04:00 committed by GitHub
parent ce30452f62
commit b654c1fe80
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
details/reptile.md
View File

@ -51,11 +51,13 @@ Filtering PID-like numeric entries while listing `/proc`:
- getdents/getdents64 hook used
- hidden tasks are marked using `task->flags` (bit `0x10000000`)
:exclamation: Not able to hide all threads and children of hidden (parent) process.
# Backdoor/shell
Reverse shell spawning by port-knocking-like technique:
- `ICMP/UDP/TCP` port-knocking
- spawning root-shell connection to remote host
--
:exclamation: Not able to tamper file contents while reading byte-by-byte.
:exclamation: Not able to hide all threads and children of hidden (parent) process.