{"id":44059946,"url":"https://github.com/jermeyyy/rooty","last_synced_at":"2026-02-08T01:09:36.577Z","repository":{"id":96731539,"uuid":"98127893","full_name":"jermeyyy/rooty","owner":"jermeyyy","description":"Academic project of Linux rootkit made for Bachelor Engineering Thesis.","archived":false,"fork":false,"pushed_at":"2024-07-29T18:51:56.000Z","size":4775,"stargazers_count":82,"open_issues_count":1,"forks_count":17,"subscribers_count":7,"default_branch":"master","last_synced_at":"2024-07-30T01:06:16.574Z","etag":null,"topics":["academic","bachelor-engineering-thesis","kernel","kernel-module","linux","linux-rootkit","rootkit","security","thesis"],"latest_commit_sha":null,"homepage":null,"language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"lgpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jermeyyy.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-07-23T21:58:21.000Z","updated_at":"2024-07-29T18:52:00.000Z","dependencies_parsed_at":"2024-07-30T00:18:41.768Z","dependency_job_id":null,"html_url":"https://github.com/jermeyyy/rooty","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/jermeyyy/rooty","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jermeyyy%2Frooty","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jermeyyy%2Frooty/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jermeyyy%2Frooty/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jermeyyy%2Frooty/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jermeyyy","download_url":"https://codeload.github.com/jermeyyy/rooty/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jermeyyy%2Frooty/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29216082,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-08T00:10:47.190Z","status":"ssl_error","status_checked_at":"2026-02-08T00:10:43.589Z","response_time":63,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["academic","bachelor-engineering-thesis","kernel","kernel-module","linux","linux-rootkit","rootkit","security","thesis"],"created_at":"2026-02-08T01:09:35.743Z","updated_at":"2026-02-08T01:09:36.562Z","avatar_url":"https://github.com/jermeyyy.png","language":"C","readme":"# Important Legal Disclaimer\nI do not condone any misuse of this code, I do not expect any liability for any misuse of this code. Using rooty to attack targets without their consent is illegal, it is the users responsibility to obey all applicable local, state and federal laws.\n\n# rooty\nAcademic project of Linux rootkit made for Bachelor Engineering Thesis.\n\nMore about project can be found in actual [thesis](https://github.com/jermeyyy/rooty/blob/master/docs/Praca%20In%C5%BCynierska%20-%20Karol%20Celebi.pdf) or in [article](https://github.com/jermeyyy/rooty/blob/master/docs/3_PT1-2_41-s39_CELEBI_SUSKI.pdf) written by Zbigniew Suski (thesis supervisor).\n\nWhole rootkit is implemented as LKM module and few user-space services.\n\n## Functionalities\n- root access\n- hiding itself\n- control via IOCTL interface (client included)\n- keylogger\n- hide files/dirs\n- hide processes\n- hide tcp/udp IPv4/IPv6 connections\n- remote root shell activated by magic ICMP packet\n- VNC protocol service (screen preview only)\n\n## Screenshots\n\n### rooty LKM initialization\n![](/art/init.png?raw=true)\n\n### IOCTL control interface\n![](/art/ioctl-control.png?raw=true)\n\n### keylogger\n![](/art/keylogger.png?raw=true)\n\n### sshd initialization\n![](/art/ssh-init.png?raw=true)\n\n### sshd initialized\n![](/art/ssh-init2.png?raw=true)\n\n### remote access\n![](/art/ssh-access.png?raw=true)\n\n### vncd initialization\n![](/art/vncd-init.png?raw=true)\n\n### vncd running\n![](/art/vncd-running.png?raw=true)\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjermeyyy%2Frooty","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjermeyyy%2Frooty","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjermeyyy%2Frooty/lists"}