All notable changes to KoviD will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
- test: False positive for
BUG: unable to handle page fault
related tollvm.lit
test runner
- protect, with encryption, memory stored back-door Key
- proc UI re-designed
- black-list proc UI from directory stats
- Feature: tamper stat's counter (
Links:
) for hidden hard-links - Feature: basic encryption
- Tools: x86-64 lkm loader under
inject/
- Tests:
ftrace
, back-doors,proc
,Kaudit
- Tests: KoviD initial regression tests: back-doors, hide processes, module
- Tests:
cmake
build system for tests framework - Tests: Native tests
- Bug: back-doors deinit
- Prevent ftrace from being disabled
- Added -n option to rename a hidden process on-the-fly
- -S option to list ALL processes in debug mode (useful for -n option)
- Don't show rk name in files from /proc, /sys and /var/log when using dmesg, cat, tail etc.
- If banned words are logged, replace by a newline
- Stricter proc interface (root only) when built in release mode
- The way random magic name is generated, simplified
- Make sure to remove SSL socket file when KoviD in unloaded
- Memory leak from random strings
- Zero
/proc/sys/kernel/tainted
- Added "-g" proc interface to support inode hiding files globally
- Added cheatsheet docfile for KoviD user interface
- Remove magic word from syslog output, use KoviD /proc interface instead.
- Add syslog-style timestamp to
tty
logfile - Modified "-a" proc interface to support full-path file hiding
- Set persistence filenames from uuidgen output
- Fix hidden process leftover in /proc
- Hide kovid /proc interface even when it is available
- Fix pr(info/warn/...) to proper no-op when in release mode