Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/f0rb1dd3n/Reptile

LKM Linux rootkit
https://github.com/f0rb1dd3n/Reptile

Last synced: about 2 months ago
JSON representation

LKM Linux rootkit

Host: GitHub
URL: https://github.com/f0rb1dd3n/Reptile
Owner: f0rb1dd3n
Created: 2017-10-22T18:19:53.000Z (almost 7 years ago)
Default Branch: master
Last Pushed: 2021-03-07T22:51:36.000Z (over 3 years ago)
Last Synced: 2024-04-08T12:35:49.810Z (5 months ago)
Language: C
Homepage:
Size: 465 KB
Stars: 2,470
Watchers: 85
Forks: 563
Open Issues: 31
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

awesome-hacking-lists - f0rb1dd3n/Reptile - LKM Linux rootkit (C)

README

# Reptile

## Tested on

**Debian 9**: 4.9.0-8-amd64

**Debian 10**: 4.19.0-8-amd64

**Ubuntu 18.04.1 LTS**: 4.15.0-38-generic

**Kali Linux**: 4.18.0-kali2-amd64

**Centos 6.10**: 2.6.32-754.6.3.el6.x86_64

**Centos 7**: 3.10.0-862.3.2.el7.x86_64

**Centos 8**: 4.18.0-147.5.1.el8_1.x86_64

## Features

- Give root to unprivileged users
- Hide files and directories
- Hide processes
- Hide himself
- Hide TCP/UDP connections
- Hidden boot persistence
- File content tampering
- Some obfuscation techniques
- ICMP/UDP/TCP port-knocking backdoor
- Full TTY/PTY shell with file transfer
- Client to handle Reptile Shell
- Shell connect back each X times (not default)

## Install
```
apt install build-essential libncurses-dev linux-headers-$(uname -r)
git clone https://github.com/f0rb1dd3n/Reptile.git
cd Reptile
make menuconfig # or 'make config' or even 'make defconfig'
make
make install
```
More details about the installation see [Wiki](https://github.com/f0rb1dd3n/Reptile/wiki/Install)
## Uninstall

When you got a sucessfully installation, the way to remove that will be shown in the screen

## Usage

See [Wiki](https://github.com/f0rb1dd3n/Reptile/wiki/Usage) to usage details. So, read the fucking manual before opening an issue!

## Warning

Some functions of this module is based on another rootkits. Please see the references!

## References

- “[LKM HACKING](http://www.ouah.org/LKM_HACKING.html)”, The Hackers Choice (THC), 1999;
- https://github.com/mncoppola/suterusu
- https://github.com/David-Reguera-Garcia-Dreg/enyelkm.git
- https://github.com/creaktive/tsh
- https://github.com/brenns10/lsh

## Thanks

Special thanks to my friend [Ilya V. Matveychikov](https://github.com/milabs) for the [KHOOK](https://github.com/milabs/khook) framework and [kmatryoshka](https://github.com/milabs/kmatryoshka) loader.

## Disclaimer

If you wanna more information, send me an e-mail: [email protected]