backdoorme

Hide backdoors from ps

Open ecthros opened this issue 9 years ago • 3 comments

Even making it so other users couldn't find the backdoor would make it much more potent. Currently, it can be easy to find backdoors simply with ps -ax.

http://unix.stackexchange.com/questions/17164/how-to-make-a-process-invisible-to-other-users

Another way:

http://www.cyberciti.biz/faq/linux-hide-processes-from-other-users/

ecthros, Jan 28 '16 19:01

Absolutely love it! Would love to investigate something similar for netstat as well

Kkevsterrr, Jan 28 '16 19:01

Alternatively can poison ps or alias ps to filter out lines we want to hide

Kkevsterrr, Jan 28 '16 19:01

Poisoning ps would work, but there are plenty of other commands/services to find what's running... I'm gonna look into it for the next few hours

ecthros, Jan 29 '16 02:01
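From the defender's side, the point raised in the last comment (ps is not the only source of truth) is what makes a filtered or aliased ps detectable: the kernel's view under /proc can be compared against what ps reports. The script below is an added example, not part of this thread or of the backdoorme project; its function names are hypothetical, and it assumes a Linux /proc and a root shell (so a hidepid mount option does not narrow the view).

```shell
#!/bin/sh
# Added example: cross-check ps output against /proc. Run as root.

# Succeeds only if NAME resolves to an executable on disk, not to an
# alias or shell function that could filter its output.
resolves_to_binary() {
    case "$(command -v "$1" 2>/dev/null)" in
        /*) return 0 ;;
        *)  return 1 ;;
    esac
}

# Print PIDs listed in file $1 (kernel view) but absent from file $2 (tool view).
missing_pids() {
    a=$(mktemp) b=$(mktemp)
    sort -u "$1" > "$a"; sort -u "$2" > "$b"
    comm -23 "$a" "$b"
    rm -f "$a" "$b"
}

# PIDs the kernel exposes as numeric directories under /proc.
proc_pids() {
    for d in /proc/[0-9]*; do
        [ -d "$d" ] && echo "${d#/proc/}"
    done
    return 0
}

# Live check: snapshot /proc first, then ps, so processes started in between
# cannot show up as false positives. PIDs that exited in between are dropped
# by re-checking that /proc/<pid> still exists.
check_hidden() {
    resolves_to_binary ps || echo "warning: ps is an alias or shell function"
    k=$(mktemp) t=$(mktemp)
    proc_pids > "$k"
    command ps -e -o pid= | tr -d ' ' > "$t"
    for pid in $(missing_pids "$k" "$t"); do
        [ -d "/proc/$pid" ] && echo "in /proc but not in ps output: $pid"
    done
    rm -f "$k" "$t"
    return 0
}

# Run the live check only when asked: sh check.sh --run
if [ "${1:-}" = "--run" ]; then check_hidden; fi
```

A PID reported here is a lead to investigate, not proof of compromise; a process hidden at the kernel level would be missing from /proc as well and needs other evidence.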