Skip to content
/ rooty Public

Academic project of Linux rootkit made for Bachelor Engineering Thesis.

License

Notifications You must be signed in to change notification settings

jermeyyy/rooty

Repository files navigation

Important Legal Disclaimer

I do not condone any misuse of this code, I do not expect any liability for any misuse of this code. Using rooty to attack targets without their consent is illegal, it is the users responsibility to obey all applicable local, state and federal laws.

rooty

Academic project of Linux rootkit made for Bachelor Engineering Thesis.

More about project can be found in actual thesis or in article written by Zbigniew Suski (thesis supervisor).

Whole rootkit is implemented as LKM module and few user-space services.

Functionalities

  • root access
  • hiding itself
  • control via IOCTL interface (client included)
  • keylogger
  • hide files/dirs
  • hide processes
  • hide tcp/udp IPv4/IPv6 connections
  • remote root shell activated by magic ICMP packet
  • VNC protocol service (screen preview only)

Screenshots

rooty LKM initialization

IOCTL control interface

keylogger

sshd initialization

sshd initialized

remote access

vncd initialization

vncd running