[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FD] Vlany: A Linux (LD_PRELOAD) rootkit

To: fulldisclosure@xxxxxxxxxxxx
Subject: [FD] Vlany: A Linux (LD_PRELOAD) rootkit
From: eov eov <seclist45@xxxxxxxxx>
Date: Thu, 10 Nov 2016 14:01:15 +0200

Features:

Process hiding
User hiding
Network hiding
LXC container
Anti-Debug
Anti-Forensics
Persistent (re)installation & Anti-Detection
Dynamic linker modifications
Backdoors
accept() backdoor (derived from Jynx2)
PAM backdoor
PAM auth logger
vlany-exclusive commands

Download: https://github.com/mempodippy/vlany

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Prev by Date: Re: [FD] WININET CHttpHeaderParser::ParseStatusLine out-of-bounds read details
Next by Date: [FD] CA20161109-02: Security Notice for CA Service Desk Manager
Previous by thread: Re: [FD] WININET CHttpHeaderParser::ParseStatusLine out-of-bounds read details
Next by thread: [FD] CA20161109-02: Security Notice for CA Service Desk Manager
Index(es):
- Date
- Thread