Skip to content
/ LKM-mkdir-SysCallHook Public

LKM (linux kernel module) to hook mkdir syscall. Tested on Linux debian 4.19.0-16-amd64 (This is not a rootkit prototype).

1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Sargastico/LKM-mkdir-SysCallHook

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
Makefile
Makefile
 
 
README.md
README.md
 
 
main.c
main.c
 
 

Repository files navigation

LKM-mkdir-SysCallHook

LKM (linux kernel module) to hook syscall functions

Build the .ko (kernel object):

git clone https://github.com/Sargastico/LKM-mkdir-SysCallHook.git && cd LKM-mkdir-SysCallHook && make

Load the kernel module:

sudo insmod main.ko

Check the kernel log for lkm output (create a folder anywhere to see the hook working):

sudo tail -f /var/log/kern.log

About

LKM (linux kernel module) to hook mkdir syscall. Tested on Linux debian 4.19.0-16-amd64 (This is not a rootkit prototype).

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Languages