Can't remove - Githubissues

f0rb1dd3n / Reptile

LKM Linux rootkit

2.54k stars 571 forks source link

Can't remove #23

Closed fcafra closed 6 years ago

fcafra commented 6 years ago

Hi, Im a gay ... :) so, when launch ./installer.sh remove I get this Uninstalling... rmmod: ERROR: Module rep_mod is in use

Another Info: On 4.15.0-kali3-amd64 lsmod | grep rep_mod rep_mod 20480 1

/sbin/modinfo reptile filename: /lib/modules/4.15.0-kali3-amd64/kernel/drivers/PulseAudio/reptile/reptile.ko description: Reptile - A linux LKM rootkit author: F0rb1dd3n - ighor@intruder-security.com license: GPL depends:
retpoline: Y name: rep_mod vermagic: 4.15.0-kali3-amd64 SMP mod_unload modversions

rmmod /lib/modules/4.15.0-kali3-amd64/kernel/drivers/PulseAudio/reptile/reptile.ko rmmod: ERROR: Module reptile is not currently loaded

How to uninstall please ?

f0rb1dd3n commented 6 years ago

Hello,

try the follow:

rm -f /etc/modules && depmod && reboot

After that, and after reboot, reptile won't be loaded. To fully clean your machine remove /reptile and /lib/modules/4.15.0-kali3-amd64/kernel/drivers/PulseAudio/reptile.

When this kind of error occurs, you also can reboot the machine and wait the module load again to run uninstaller.

I hope I helped you,

403

fcafra commented 6 years ago

@f0rb1dd3n Thanks 403, you help me. :+1:

f0rb1dd3n commented 6 years ago

@fcafra, can we close this issue?

fcafra commented 6 years ago

Oh Yes, Sorry.