Skip to content

mgrube/DragonKing

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

40 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Build Status

DragonKing Rootkit

This is an open source rootkit created for a class taught on Rootkit Design.

This rootkit hides by hooking the system call table and using an agent to do interactive manipulation in userland.

Disclaimer: This rootkit was tested and developed on 64 bit Ubuntu 17.04. There are currently issues with 16.04.

Features

- An agent that works in userland 
- Self-destruct functionality
- Improved hiding 
- Network/Socket Hooking

Roadmap

- FTE Traffic Encryption
- Update/Maintenance Functionality
- P2P Command&Control Scheme
- OS X Support
- Windows Support
- EFI Infection
- SMM Infection

Reference Material:

http://www.thegeekstuff.com/2013/07/write-linux-kernel-module/

https://stackoverflow.com/questions/2103315/linux-kernel-system-call-hooking-example#2103745

https://appusajeev.wordpress.com/2011/06/18/writing-a-linux-character-device-driver/

About

Open Source Rootkit

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published