4rtemis-4rrow
commented
3 months ago forget it, I just wrote a hook for the read() syscall, though the hook itself was harder to write, it wasn't harder to research
Closed 4rtemis-4rrow closed 3 months ago
4rtemis-4rrow
commented
3 months ago forget it, I just wrote a hook for the read() syscall, though the hook itself was harder to write, it wasn't harder to research
so, I understand how this rootkits hooks syscalls, I managed to successfully implement my own syscall hooks into it, so there is that
what I still don't understand is how can I make it hook into kernel functions (specifically tcp4_seq_show in order to hide ports), I'd really appreciate it if you could answer this question @m0nad, as all of my searches turned nothing, at least nothing which works for newer kernels, and I lost hope in pretty much everything, fr dude, you are my last hope at finding a solution
ps: I already wrote the hook function, I just have no clue of how to implement it, everything I tried failed to compile
thanks in advance