oss-sec mailing list archives

Vlany: A Linux (LD_PRELOAD) rootkit

From: eov eov <seclist45 () gmail com>
Date: Thu, 10 Nov 2016 13:18:44 +0200

Features:

Process hiding
User hiding
Network hiding
LXC container
Anti-Debug
Anti-Forensics
Persistent (re)installation & Anti-Detection
Dynamic linker modifications
Backdoors
accept() backdoor (derived from Jynx2)
PAM backdoor
PAM auth logger
vlany-exclusive commands

Download: https://github.com/mempodippy/vlany

Current thread:

Vlany: A Linux (LD_PRELOAD) rootkit eov eov (Nov 10)
- Re: Vlany: A Linux (LD_PRELOAD) rootkit Rich Felker (Nov 10)