-
Notifications
You must be signed in to change notification settings - Fork 21
/
README.TXT
31 lines (25 loc) · 780 Bytes
/
README.TXT
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
# Sutekh
An example rootkit that gives a userland process root permissions
Tested on Linux kernel [4.19.62] & [4.15.0]
[INSTALL]
1. Install latest Linux headers for your kernel. Example (debian): [apt install linux-headers-$(uname -r)]
2. $ git clone https://github.com/PinkP4nther/Sutekh
3. $ cd Sutekh && make
4. $ gcc rootswitch.c -o rs
5. $ sudo insmod sutekh.ko
[Run]
$ ./rs
[Output example]
[pinky@mememachine Sutekh]$ ./rs
[!] Switch hit!
[mememachine Sutekh]# id
uid=0(root) gid=0(root) groups=0(root)
[mememachine Sutekh]# exit
[Remove]
sudo rmmod sutekh
[Note]
dmesg for kernel debug output!
[ 2217.810776] [?] SCT: [0xffffffff96400180]
[?] EXECVE: [0xffffffffc065b030]
[?] UMASK: [0xffffffffc065b000]
[ 2223.379218] [+] Giving r00t!