
hiteshd / Android Rootkit

Licence: other
A rootkit for Android. Based on "Android platform based linux kernel rootkit" from Phrack Issue 68

Programming Languages

c

Projects that are alternatives of or similar to Android Rootkit

Hideprocess
A basic Direct Kernel Object Manipulation rootkit that removes a process from the EPROCESS list, hiding it from the Task Manager
Stars: ✭ 329 (+97.01%)
Mutual labels:  rootkit
Vlany
Linux LD_PRELOAD rootkit (x86 and x86_64 architectures)
Stars: ✭ 804 (+381.44%)
Mutual labels:  rootkit
Spacecow
Windows Rootkit written in Python
Stars: ✭ 81 (-51.5%)
Mutual labels:  rootkit
Hvmi
Hypervisor Memory Introspection Core Library
Stars: ✭ 438 (+162.28%)
Mutual labels:  rootkit
Diamorphine
LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: ✭ 725 (+334.13%)
Mutual labels:  rootkit
Webshell
Webshell && Backdoor Collection
Stars: ✭ 1,056 (+532.34%)
Mutual labels:  rootkit
linux-rootkits-red-blue-teams
Linux Rootkits (4.x Kernel)
Stars: ✭ 56 (-66.47%)
Mutual labels:  rootkit
Awesome Windows Security Development
awesome-windows-security-development
Stars: ✭ 154 (-7.78%)
Mutual labels:  rootkit
Hidden
Windows driver with usermode interface which can hide objects of file-system and registry, protect processes and etc
Stars: ✭ 768 (+359.88%)
Mutual labels:  rootkit
Awesome Windows Kernel Security Development
windows kernel security development
Stars: ✭ 1,208 (+623.35%)
Mutual labels:  rootkit
Vegile
This tool will set up your backdoor/rootkits. When the backdoor is already set up, it will hide your specific process, make your session in Metasploit unlimited, and be transparent. Even when it is killed, it will re-run again. There will always be a process that runs another process, so we can assume that this process is unstoppable, like a Ghost in the Shell
Stars: ✭ 478 (+186.23%)
Mutual labels:  rootkit
Rootkit
Linux rootkit for Ubuntu 16.04 and 10.04 (Linux Kernels 4.4.0 and 2.6.32), both i386 and amd64
Stars: ✭ 601 (+259.88%)
Mutual labels:  rootkit
Sutekh
An example rootkit that gives a userland process root permissions
Stars: ✭ 62 (-62.87%)
Mutual labels:  rootkit
Emp3r0r
linux post-exploitation framework made by linux user
Stars: ✭ 419 (+150.9%)
Mutual labels:  rootkit
Awesome Linux Rootkits
a summary of linux rootkits published on GitHub
Stars: ✭ 107 (-35.93%)
Mutual labels:  rootkit
S6 pcie microblaze
PCI Express DIY hacking toolkit for Xilinx SP605
Stars: ✭ 301 (+80.24%)
Mutual labels:  rootkit
Rootkits List Download
This is the list of all rootkits found so far on github and other sites.
Stars: ✭ 815 (+388.02%)
Mutual labels:  rootkit
Malware
Rootkits | Backdoors | Sniffers | Virus | Ransomware | Steganography | Cryptography | Shellcodes | Webshells | Keylogger | Botnets | Worms | Other Network Tools
Stars: ✭ 156 (-6.59%)
Mutual labels:  rootkit
Www.rootkit.com
www.rootkit.com users section mirror, sql database dump, and a few other files/rootkits.
Stars: ✭ 117 (-29.94%)
Mutual labels:  rootkit
Shadow Box For Arm
Shadow-Box: Lightweight and Practical Kernel Protector for ARM (Presented at BlackHat Asia 2018)
Stars: ✭ 64 (-61.68%)
Mutual labels:  rootkit

Android-Rootkit

A rootkit for Android. Based on Android platform based linux kernel rootkit from Phrack Issue 68

Part of ISA 673, a class project. Adding it here just because there is just not enough documentation out there to do this for Android.

I appreciate any pull requests as long as they extend functionality and don't do harm.

Kernel Build Specs

  • Using kernel tree from here

  • Using ROM image from here

  • Using Android NDK toolchain 4.4.3 from Google.

  • Tried and tested on HTC Bravo running kernel version 2.6.38.8

Module Information

Filename: sys_call_table.ko

Description: This rootkit is developed to intercept the following calls:

  • SYS_WRITE
  • SYS_READ
  • SYS_CREAT
  • SYS_MKDIR
  • SYS_RMDIR
  • SYS_KILL
  • SYS_OPEN
  • SYS_CLOSE
  • SYS_GETDENT
  • SYS_UNLINK
  • SYS_KILL
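
A defender-side check for this kind of interception, added here as an example (not code from the project): assuming the module intercepts calls by replacing `sys_call_table` entries, handlers that resolve outside the kernel's `_stext`..`_etext` range stand out. The symbol listing and table dump below are constructed sample data, and `find_hooked` is a hypothetical helper name.

```python
# Added example: flag syscall handlers that no longer point into core kernel text.
# All addresses are constructed for illustration (32-bit ARM layout assumed).

KALLSYMS = """\
c0008000 T _stext
c0063d5c T sys_kill
c00f1a40 T sys_open
c00f1c04 T sys_close
c00f2e10 T sys_read
c00f2ea8 T sys_write
c04d6000 A _etext
"""

# Handler addresses as read from a memory image of the device (constructed).
TABLE = {
    "sys_open": 0xC00F1A40,
    "sys_close": 0xC00F1C04,
    "sys_read": 0xBF0000D4,   # lands in module space, not kernel text
    "sys_write": 0xBF000128,  # lands in module space, not kernel text
    "sys_kill": 0xC0063D5C,
}


def parse_kallsyms(text):
    """Return {symbol: address} from '<hex addr> <type> <name>' lines."""
    syms = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) >= 3:
            syms[parts[2]] = int(parts[0], 16)
    return syms


def find_hooked(kallsyms_text, table):
    """Return (name, address, reason) for every suspicious table entry."""
    syms = parse_kallsyms(kallsyms_text)
    lo, hi = syms["_stext"], syms["_etext"]
    findings = []
    for name, addr in sorted(table.items()):
        if not lo <= addr < hi:
            findings.append((name, hex(addr), "outside kernel text"))
        elif syms.get(name) not in (None, addr):
            findings.append((name, hex(addr), "differs from kallsyms"))
    return findings


if __name__ == "__main__":
    for finding in find_hooked(KALLSYMS, TABLE):
        print(*finding)
```

Take the reference symbols from the known-good kernel build (its System.map) rather than from the running device, since code running in the kernel can alter what the live system reports.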

Author: Hitesh Dharmdasani

License: GPL v2

Depends: Android NDK, Kernel source tree of target

Vermagic: 2.6.38.8-cos-bravo-jellybean+ preempt mod_unload ARMv7

Other details

  • The source tree will not compile to give you a zImage that you should use. A hack around it was to just use a pre-built ROM with the same specs.
  • If you are facing vermagic issues, fix them the obvious way:
    • Fix entry in utsrelease.h
    • Fix entry in kernel.release
    • DO NOT 'make' the kernel source tree after you do this
  • Edit the makefile to suit your paths for the NDK and the kernel source tree for your Android Operating system
  • The rootkit compiles as a kernel object and needs to be run on the phone.
    • # insmod sys_call_table.ko
    • # ./sys_call_table_inst
  • Use dmesg to debug