
Comments (5)

f0rb1dd3n avatar f0rb1dd3n commented on July 20, 2024

@nbulischeck, thank you for reporting that. I made some changes, can you test please?

from reptile.

nbulischeck avatar nbulischeck commented on July 20, 2024

I apologize for the delay in testing your quick fix.

I just tested it on Linux 4.17.2-1-ARCH and it worked really well!

It had some slight bugs like kernel panicking as soon as I inserted the module, absolutely annihilating my kernel to the point where it wouldn't mount my /boot partition after rebooting from the kernel panic because the ext4 module wouldn't be inserted (in fact no modules were inserted into the kernel), kernel panicking for the second time when trying to remove it in emergency-mode, and lastly requiring me to rebuild my kernel from a live cd.

You did ultimately fix the compilation issue, which I suppose was the goal, however I believe there are some unintended side effects of the module as it stands. Best of luck in your future development!


f0rb1dd3n avatar f0rb1dd3n commented on July 20, 2024

@nbulischeck

So, do you have any dump or stack trace of the kernel panics? I apologize that you have to reinstall your kernel. I recommend always testing it in a VM where you can restore snapshots. Reptile was under development, and it had some bugs. Now I have tested it on most distros (CentOS 6 and 7, Fedora, Ubuntu, Debian, etc.) and it is stable and working fine. So if you get any bugs or panics, let me know so I can make this rootkit more stable.

Thanks for reporting,

403


nbulischeck avatar nbulischeck commented on July 20, 2024

@f0rb1dd3n

Unfortunately I wasn't testing in a VM as I haven't had an LKM cause that much damage before. I agree I should have been testing in one. Unfortunately, I wasn't in the best state to capture the backtraces, but upon removal of the module I received:

RIP: 0010:panic+0x201/0x247
RAX: 0x56
RDX: 0x0
RSI: 0x1
...
 do_exit.cold.4
 ? __do_page_fault
 do_group_exit
 __x64_sys_exit_group
 do_syscall_64
 entry_SYSCALL_64_after_hwframe


f0rb1dd3n avatar f0rb1dd3n commented on July 20, 2024

Sorry man, in some old commits Reptile wasn't stable. And maybe on your kernel version too.

About this kind of backtrace, it appears that you didn't get the crash from Reptile. But I don't know what flags you are compiling your kernel with and what kind of environment you have installed. I only tested on the default configuration of the main Linux distros. The most recent kernel I have tested is on the latest updated Fedora, with kernel 4.16.+

But even though you had a bad experience with that, I invite you to install a virtual machine and test it, maybe use.

thx,

403
