Rootkit kernel module to be inserted as a backdoor. Tested on Linux kernel version 4.5.
- Network backdoor
- Spawn reverse shell
- Priviledge Escalation
- Hidden port
- Hidden process
- Module persistence and stealth
The kernel used to test this project is built with buildroot.
Configure BUILDROOT in Makefile to point to the correct directory.
Set KDIR to the appropriate kernel version too.
If you wish to compile this for the system you are running, use the commented path instead.
Requires Linux headers, for Ubuntu use.
$ sudo apt install linux-header-`uname -r`
Compile with
$ make