Giter Site home page Giter Site logo

antonini / android-rootkit Goto Github PK

View Code? Open in Web Editor NEW

This project forked from hiteshd/android-rootkit

0.0 1.0 0.0 230 KB

A rootkit for Android. Based on "Android platform based linux kernel rootkit" from Phrack Issue 68

License: Other

Makefile 10.62% C 89.38%

android-rootkit's Introduction

Android-Rootkit

A rootkit for Android. Based on Android platform based linux kernel rootkit from Phrack Issue 68

Part of ISA 673 a class project. Adding it here just because there is not just enough documentation out there to do this for Android

I appreciate any pull requests as long as they extend functionality and dont do harm

Kernel Build Specs

  • Using kernel tree from here

  • Using ROM image from here

  • Using Android NDK toolchain 4.4.3 from Google.

  • Tried and tested on HTC Bravo running kernel version 2.6.38.8

Module Information

Filename: sys_call_table.ko Desciption: This rookit is developed to intercept the following calls

  • SYS_WRITE
  • SYS_READ
  • SYS_CREAT
  • SYS_MKDIR
  • SYS_RMDIR
  • SYS_KILL
  • SYS_OPEN
  • SYS_CLOSE
  • SYS_GETDENT
  • SYS_UNLINK
  • SYS_KILL

Author: Hitesh Dharmdasani [email protected]

License: GPL v2

Depends: Android NDK, Kernel source tree of target

Vermagic: 2.6.38.8-cos-bravo-jellybean+ preempt mod_unload ARMv7

Other details

  • The source tree will not complile to give you a zImage that you should use. A hack around it was to just use a pre built rom with the same specs
  • If you are facing vermagic issues. Fix them by the obvious.
    • Fix entry in utrelease.h
    • Fix entry in kernel.release
    • DO NOT 'make' the kernel source tree after you do this
  • Edit the makefile to suit your paths for the NDK and the kernel source tree for your Android Operating system
  • The rootkit compiles as a kernel object and needs to be run on the phone.
    • # insmod sys_call_table.ko
    • # ./sys_call_table_inst
  • Use dmesg to debug

android-rootkit's People

Contributors

hiteshd avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.