Download as PDF, PPTX
Uploaded byfisher.w.y
PDF, PPTX2,514 views
Rootkit on Linux X86 v2.6
This document describes techniques for creating rootkits on Linux x86 systems. It discusses obtaining the system call table, hooking system calls through various methods like direct modification of the table, inline hooking of system call code, and patching the system call handler. It also presents the idea of abusing debug registers to generate exceptions and intercept system calls. The goal is to conceal running processes, files, and other system data from detection.
![[2007 CodeEngn Conference 01] dual5651 - Windows 커널단의 후킹](https://cdn.slidesharecdn.com/ss_thumbnails/20071stcodeengndual5651hooktheplanet-130527105710-phpapp02-thumbnail.jpg?width=640&height=640&fit=bounds)
![[Kiwicon 2011] Post Memory Corruption Memory Analysis](https://cdn.slidesharecdn.com/ss_thumbnails/kiwiconbrossard-111127232850-phpapp01-thumbnail.jpg?width=640&height=640&fit=bounds)
![[HITB Malaysia 2011] Exploit Automation](https://cdn.slidesharecdn.com/ss_thumbnails/brossardhitb2011-111127232630-phpapp02-thumbnail.jpg?width=640&height=640&fit=bounds)
![[CCC-28c3] Post Memory Corruption Memory Analysis](https://cdn.slidesharecdn.com/ss_thumbnails/28c3-120107122834-phpapp02-thumbnail.jpg?width=640&height=640&fit=bounds)
![[Ruxcon 2011] Post Memory Corruption Memory Analysis](https://cdn.slidesharecdn.com/ss_thumbnails/ruxcon-111127233040-phpapp02-thumbnail.jpg?width=640&height=640&fit=bounds)
