linuxrootkithideprocess

2023年12月5日 — Linux rootkit POC to hide a crypto miner's process and CPU usage. - alfonmga/hiding-cryptominers-linux-rootkit.

A rootkit is software that allows an attacker to maintain root access. Features. Process Hiding and Hiding of Process hierarchies Hide processes from the user ...

由 J Butler 著作 · 被引用 75 次 — – A sophisticated rootkit can modify the objects directly in memory in a relatively reliable fashion to hide. – Recall the goal of rootkits is to hide things:.

2020年4月6日 — My understanding is *buf, contain the name of the process it is trying to hide. using copy_from_user(), buf is copied into a kernel buffer kbuf ...

2023年2月26日 — Rootkits. Scenario. Our objective is to hide our reverse shell connection process on the target Linux system in order to avoid detection.

2023年2月19日 — Linux Rootkits Part 5: Hiding Kernel Modules from Userspace ... 隱藏Process; 隱藏Open Ports; 隱藏登入的使用者 ... Linux Rootkit 系列三：实例详解 ...

2020年10月1日 — Linux Rootkits Part 7: Hiding Processes ... Now that we know how to hide directories (see last time), we can also hide processes! This is because ...

2022年11月21日 — This free tool is able to quickly decloak process hiding activity from Loadable Kernel Module (LKM) stealth rootkits on most Linux distributions ...

Adore is a popular LKM-based rootkit. Among its many features, it allows a user to hide processes by altering the /proc system's readdir handler.