Skip to content

Commit

Permalink
Update README
Browse files Browse the repository at this point in the history
  • Loading branch information
JNE committed Oct 31, 2024
1 parent 77b987d commit bab8b84
Showing 1 changed file with 9 additions and 5 deletions.
14 changes: 9 additions & 5 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -164,21 +164,25 @@ Read [Phrack magazine](http://phrack.org/issues/71/12.html#article) where g1inko
You can hide/unhide processes using the /proc/mytest interface.
For example, to hide a task, run: $ echo 14886 >/proc/mytest.
If a task is a backdoor that needs tcp hiding, run:
$ echo "-bd <pid>" >/proc/mytest.
$ echo hide-task-backdoor=<pid> >/proc/mytest
Unhiding is the same as for regular tasks:
$ echo "<PID>" >/proc/mytest

### 3.3 Hide module

To hide the KoviD module, use the command: `$ echo -h >/proc/mytest`.
To hide the KoviD module, use the command: `$ echo hide-lkm >/proc/mytest`.
In release mode, the module is hidden by default,
and a key can be displayed by running `$ cat /proc/mytest`.

### 3.4 Hide/unhide/list files and directories

To hide a file or directory, use: $ echo '-a name' >/proc/mytest.
To unhide, use: $ echo '-d name' >/proc/mytest. You can list hidden files
and directory names with: $ echo listname >/proc/mytest.
To hide a file or directory, use:
$ echo hide-file=/tmp/README.txt >/proc/mytest
To unhide, use:
$ echo unhide-file=README.txt >/proc/mytest
You can list hidden files
and directory names with:
$ echo list-hidden-file >/proc/mytest.

### 3.5 SSH/FTP TTY sniffer

Expand Down

0 comments on commit bab8b84

Please sign in to comment.