On 16.08.2006 17:23, r00m213 (at) gmail (dot) com [email concealed] wrote:
> How do I install it from a startup script, without anybody seeing
> where the modules are.
I have little backround on this, but you could try to use the
functionality found in most rootkits that hide some files after the
rootkit has been loaded. I spotted some potential work on someone doing
something like this with a couple of google searches, so there you go,
wouldnt hurt to look into it.
Or then you could rename the module to something obscure and
irrelevant-looking (somesort of alsa sound card driver
snd_oss_mixer_emulation_snd_snd_oss blah blah thing) and pretend that
it's absolutely neccessary to load. Also worth a shot.
- --
Siim Põder
At some distance down the corridor it seemed suddenly as if somebody
started to beat on a bass drum.
He listened to it for a few seconds and realized that it was just his
heart beating.
He listened for a few seconds more and realized that it wasn't his heart
beating, it was somebody down the corridor beating on a bass drum.
-- Douglas Adams
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
Hash: SHA1
Yo
On 16.08.2006 17:23, r00m213 (at) gmail (dot) com [email concealed] wrote:
> How do I install it from a startup script, without anybody seeing
> where the modules are.
I have little backround on this, but you could try to use the
functionality found in most rootkits that hide some files after the
rootkit has been loaded. I spotted some potential work on someone doing
something like this with a couple of google searches, so there you go,
wouldnt hurt to look into it.
Or then you could rename the module to something obscure and
irrelevant-looking (somesort of alsa sound card driver
snd_oss_mixer_emulation_snd_snd_oss blah blah thing) and pretend that
it's absolutely neccessary to load. Also worth a shot.
- --
Siim Põder
At some distance down the corridor it seemed suddenly as if somebody
started to beat on a bass drum.
He listened to it for a few seconds and realized that it was just his
heart beating.
He listened for a few seconds more and realized that it wasn't his heart
beating, it was somebody down the corridor beating on a bass drum.
-- Douglas Adams
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFE44M8dVkoBQGQR+MRAtguAJ973om2RSzdbLpzeCllWNeNNnArPgCfd4S9
E+0CzeH+WJUlLo2Z9L8oVws=
=mqH5
-----END PGP SIGNATURE-----
[ reply ]