mponcet / subversive

x86_64 linux rootkit using debug registers

Subversive rootkit

INSTALL

Build and load the kernel module

cd kernel
make ARCH=x86
insmod subversive.ko

Control rootkit

cd tools
make
./subversive_ctl -h

UNINSTALL

rmmod subversive

REFERENCES

  • IA32 Software Developers Manual Vol. 3B, Chapter 18
  • Mistifying the debugger, Phrack 65, halfdead
  • Abuso dell'Hardware nell'Attacco al Kernel di Linux, AntiFork Research, Pierre Falda

License: GNU General Public License v2.0

Languages: C 98.1%, Makefile 1.9%