University Project - Linux Rootkit Development

Introduction

Welcome to an intriguing university project video that delves into the secretive realm of Linux Rootkit development. In this project, the focus is on Linux Kernel version 4.4.0 running on Ubuntu 16.04. The goal? To unravel the functionality of a Rootkit and its potential real-world applications. While this endeavor may raise eyebrows, it’s crucial to emphasize that this project is purely for educational and research purposes, with no intention of endorsing or promoting illegal activities.

Unveiling the Linux Rootkit

The Rootkit is written in C and loaded into the running kernel as a dynamically linked module. Watch closely as it takes control of the kernel's “system call table” as soon as it is loaded. From this vantage point, the Rootkit wields incredible power:

  • Process Management: The Rootkit can manipulate processes, granting it the capability to alter or conceal their activities.
  • Stealth Mode: It can effectively hide itself, camouflaging its presence within the system.
  • Root Access: With the Kernel under its command, the Rootkit can attain root-level privileges, bypassing typical security barriers.
  • Remote Shell Creation: Perhaps the most intriguing feature is its ability to establish a remote shell with root permissions, offering an unobstructed pathway for remote access.
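The stealth capability above is the one a defender can most readily test for: a module that unlinks itself from the kernel's module list disappears from /proc/modules, but its sysfs directory and its symbols in /proc/kallsyms normally stay behind. The following check is an added example, not code from the project or the video; the module name demo_hidden_mod and all sample file contents are constructed for illustration, and it assumes that loaded modules expose an initstate file under /sys/module while built-in modules do not.

```python
"""Cross-check the kernel's module views to spot a module hiding itself.

A loadable-module rootkit that unlinks itself from the kernel's module list
vanishes from /proc/modules (and lsmod), but its sysfs directory and its
symbols in /proc/kallsyms normally remain. Disagreement between these views
is the indicator. All sample data below is constructed, not captured.
"""
import os
import re

# Constructed /proc/modules content: the module name is the first column.
SAMPLE_PROC_MODULES = """\
ext4 581632 1 - Live 0xffffffffc05a0000
jbd2 106496 1 ext4, Live 0xffffffffc0580000
e1000 143360 0 - Live 0xffffffffc0540000
"""
# Constructed names of /sys/module entries that contain an 'initstate' file.
# Built-in modules get a /sys/module directory too but no initstate, so
# filtering on that file avoids flagging them (assumption, see lead-in).
SAMPLE_SYSFS_LOADED = {"ext4", "jbd2", "e1000", "demo_hidden_mod"}
# Constructed /proc/kallsyms lines; module-owned symbols carry a [name] suffix.
SAMPLE_KALLSYMS = """\
ffffffff81000000 T _stext
ffffffffc05a0100 t ext4_readdir\t[ext4]
ffffffffc0600000 t hooked_getdents64\t[demo_hidden_mod]
"""

def parse_proc_modules(text):
    """Module names listed in /proc/modules."""
    return {line.split()[0] for line in text.splitlines() if line.strip()}

def parse_kallsyms_modules(text):
    """Module names that own at least one symbol in /proc/kallsyms."""
    matches = (re.search(r"\[(\S+)\]\s*$", line) for line in text.splitlines())
    return {m.group(1) for m in matches if m}

def find_hidden_modules(proc_modules, sysfs_loaded, kallsyms):
    """Modules present in sysfs or kallsyms but absent from /proc/modules."""
    listed = parse_proc_modules(proc_modules)
    elsewhere = set(sysfs_loaded) | parse_kallsyms_modules(kallsyms)
    return sorted(elsewhere - listed)

def collect_live():
    """Read the three views from a running Linux host (kallsyms needs root)."""
    with open("/proc/modules") as f:
        proc_modules = f.read()
    with open("/proc/kallsyms") as f:
        kallsyms = f.read()
    sysfs_loaded = {n for n in os.listdir("/sys/module")
                    if os.path.isfile(os.path.join("/sys/module", n, "initstate"))}
    return proc_modules, sysfs_loaded, kallsyms

if __name__ == "__main__":
    print("hidden in sample:", find_hidden_modules(
        SAMPLE_PROC_MODULES, SAMPLE_SYSFS_LOADED, SAMPLE_KALLSYMS))
```

A module that also scrubs its sysfs entry and symbol table will pass this check, so treat it as one layer of a broader integrity check rather than a complete detector.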

A Focus on Control, Not Exploitation

It’s crucial to clarify that this project concentrates solely on the control aspects of a system, not its exploitation. Rootkits are commonly associated with malicious intent, often deployed through system exploits or direct user installations for unauthorized access. This video, however, aims to shed light on the mechanisms and intricacies of rootkit control, steering clear of exploitation techniques.

Overcoming Challenges

No significant project is without its fair share of challenges. This project encountered hurdles, especially considering changes in the Linux security architecture in later kernels. Despite these obstacles, the project was completed successfully. In this video, the creator shares their learning journey, highlighting the challenges faced and the strategies employed to overcome them.