Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/gianlucaborello/libprocesshider
Hide a process under Linux using the ld preloader (https://sysdig.com/blog/hiding-linux-processes-for-fun-and-profit/)
https://github.com/gianlucaborello/libprocesshider
Last synced: 16 days ago
JSON representation
Hide a process under Linux using the ld preloader (https://sysdig.com/blog/hiding-linux-processes-for-fun-and-profit/)
- Host: GitHub
- URL: https://github.com/gianlucaborello/libprocesshider
- Owner: gianlucaborello
- Created: 2014-08-16T01:09:30.000Z (about 10 years ago)
- Default Branch: master
- Last Pushed: 2019-08-02T14:28:28.000Z (over 5 years ago)
- Last Synced: 2024-07-31T22:56:07.069Z (3 months ago)
- Language: C
- Homepage:
- Size: 8.79 KB
- Stars: 984
- Watchers: 26
- Forks: 312
- Open Issues: 10
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
libprocesshider
===============
Hide a process under Linux using the ld preloader.
Full tutorial available at https://sysdigcloud.com/hiding-linux-processes-for-fun-and-profit/
In short, compile the library:
```
gianluca@sid:~/libprocesshider$ make
gcc -Wall -fPIC -shared -o libprocesshider.so processhider.c -ldl
gianluca@sid:~/libprocesshider$ sudo mv libprocesshider.so /usr/local/lib/
```
Load it with the global dynamic linker
```
root@sid:~# echo /usr/local/lib/libprocesshider.so >> /etc/ld.so.preload
```
And your process will be off the radar
```
gianluca@sid:~$ sudo ps aux
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
...
gianluca@sid:~$ sudo lsof -ni
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
...
```