Skip to content

mgrube/DragonKing

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

40 Commits
misc
misc
 
 
.travis.yml
.travis.yml
 
 
DK2.jpeg
DK2.jpeg
 
 
DragonKing.c
DragonKing.c
 
 
DragonKing.h
DragonKing.h
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
agent.c
agent.c
 
 
deploy.sh
deploy.sh
 
 

Repository files navigation

Build Status

DragonKing Rootkit

This is an open source rootkit created for a class taught on Rootkit Design.

This rootkit hides by hooking the system call table and using an agent to do interactive manipulation in userland.

Disclaimer: This rootkit was tested and developed on 64 bit Ubuntu 17.04. There are currently issues with 16.04.

Features

- An agent that works in userland 
- Self-destruct functionality
- Improved hiding 
- Network/Socket Hooking

Roadmap

- FTE Traffic Encryption
- Update/Maintenance Functionality
- P2P Command&Control Scheme
- OS X Support
- Windows Support
- EFI Infection
- SMM Infection

Reference Material:

http://www.thegeekstuff.com/2013/07/write-linux-kernel-module/

https://stackoverflow.com/questions/2103315/linux-kernel-system-call-hooking-example#2103745

https://appusajeev.wordpress.com/2011/06/18/writing-a-linux-character-device-driver/

About

Open Source Rootkit

Resources

Readme

License

GPL-3.0 license
Activity

Stars

21 stars

Watchers

6 watching

Forks

13 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages