DO ONLY USE THIS IN PRIVATE GAMES BECAUSE IT IS GAME BREAKING
This rootkit is based on this tutorial:
Compile and insert the rootkit by running:
bash make.sh
you maybe need to change /lib/ to something like /lib/x86_64-linux-gnu/ this is specific for the distribution (Remember you need to change the port and ip address in the script)
touch __UNO & ls & rm __UNO
hide files:
everything beginning wit "kir" or "asu" gets hidden
hide content of files:
just add a line containing "hiro" at the end of the file
disables ioctl and ps automatically
Remove the rootkit with:
bash remove.sh
WARNING:
THIS ROOTKIT CAN AND WILL BREAK THE MACHINE IF YOU DONT USE THE GCC ON THE MACHINE WHERE YOU WANT TO RUN IT
(to clarify this is due to conflicting (glibc/other shared objects) versions. in theory you could try to bring your own glibc with you or statically compile the binary. For koth it might be enough to compile it once on an old ubuntu machine similar to the boxes)
THERE WERE ALSO PREVIOUS ERRORS WHERE THE ROOTKIT KILLED SSH SESSIONS AND TERMINALS
I DONT TAKE ANY RESPONSIBILITY FOR ANY DAMAGE CAUSED BY THIS ROOTKIT