From 9883055e52bb0d74ab11dabe920a82d0a5270362 Mon Sep 17 00:00:00 2001 From: JNE Date: Mon, 28 Oct 2024 20:27:28 +0000 Subject: [PATCH] Update README --- README.md | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 014722b..3c638f1 100644 --- a/README.md +++ b/README.md @@ -164,21 +164,25 @@ Read [Phrack magazine](http://phrack.org/issues/71/12.html#article) where g1inko You can hide/unhide processes using the /proc/mytest interface. For example, to hide a task, run: $ echo 14886 >/proc/mytest. If a task is a backdoor that needs tcp hiding, run: - $ echo "-bd " >/proc/mytest. + $ echo hide-task-backdoor= >/proc/mytest Unhiding is the same as for regular tasks: $ echo "" >/proc/mytest ### 3.3 Hide module - To hide the KoviD module, use the command: `$ echo -h >/proc/mytest`. + To hide the KoviD module, use the command: `$ echo hide-lkm >/proc/mytest`. In release mode, the module is hidden by default, and a key can be displayed by running `$ cat /proc/mytest`. ### 3.4 Hide/unhide/list files and directories - To hide a file or directory, use: $ echo '-a name' >/proc/mytest. - To unhide, use: $ echo '-d name' >/proc/mytest. You can list hidden files - and directory names with: $ echo listname >/proc/mytest. + To hide a file or directory, use: + $ echo hide-file=/tmp/README.txt >/proc/mytest + To unhide, use: + $ echo unhide-file=README.txt >/proc/mytest + You can list hidden files + and directory names with: + $ echo list-hidden-file >/proc/mytest. ### 3.5 SSH/FTP TTY sniffer