Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/mponcet/subversive
x86_64 linux rootkit using debug registers
https://github.com/mponcet/subversive
Last synced: about 1 month ago
JSON representation
x86_64 linux rootkit using debug registers
- Host: GitHub
- URL: https://github.com/mponcet/subversive
- Owner: mponcet
- License: gpl-2.0
- Created: 2011-05-01T22:09:08.000Z (over 13 years ago)
- Default Branch: master
- Last Pushed: 2022-01-11T16:56:41.000Z (over 2 years ago)
- Last Synced: 2024-05-02T17:53:07.582Z (5 months ago)
- Language: C
- Homepage:
- Size: 128 KB
- Stars: 50
- Watchers: 5
- Forks: 15
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-hacking-lists - mponcet/subversive - x86_64 linux rootkit using debug registers (C)
README
# Subversive rootkit #
## INSTALL ##
### Build and load the kernel module ###
```
cd kernel
make ARCH=x86
insmod subversive.ko
```
### Control rootkit ###
```
cd tools
make
./subversive_ctl -h
```
## UNINSTALL ##
```
rmmod subversive
```
## REFERENCES ##
- IA32 Software Developers Manual Vol. 3B, Chapter 18
- Mistifying the debugger, Phrack 65, halfdead
- Abuso dell Hard Hardware nell Attaco al Kernel di Linux, AntiFork
Research, Pierre Falda