
Linux Kernel Sockets

Open reveng007 opened this issue 4 years ago • 3 comments

Adding Linux Kernel Sockets to this LKM rootkit, so that this rootkit acts as an all-rounder, both as an LKM rootkit and as a stealthy C2 server.

reveng007, Mar 06 '22 07:03

Posting here as well, just to make sure it comes across - what do you specifically want kernel sockets to achieve? :) https://github.com/reveng007/reveng_rtkit/issues/11#issue-1559846247

loneicewolf, Jan 27 '23 16:01

Sorry for being vague. Actually, that would be a C2 client, so that our C2 server listening on target gets automatically connected to the LKM whenever it comes online.

Actually, I want to eradicate the use of revshell to get a shell in the victim machine.

Does this sound familiar now?

reveng007, Jan 27 '23 17:01

Yes, I think that makes sense now (+1 for mentioning the revshell), thanks! If I have more questions I'll ask.

loneicewolf, Jan 27 '23 17:01