BEURK – Linux Userland Preload Rootkit



BEURK is a userland preload rootkit for GNU/Linux, heavily focused on anti-debugging and anti-detection.


Being a userland rootkit, it runs with limited privileges (basically whatever the user has), unlike a superuser or root-level rootkit.

Features

  • Hide attacker files and directories
  • Realtime log cleanup (on utmp/wtmp)
  • Anti process and login detection
  • Bypass unhide, lsof, ps, ldd, netstat analysis
  • Furtive PTY backdoor client
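An added defender-side example (not part of BEURK or the original post): preload rootkits load through the dynamic linker's preload mechanism (the LD_PRELOAD variable or /etc/ld.so.preload), so the code below parses those two sources and a /proc/<pid>/maps snapshot for unexpected libraries. The sample data and the trusted-directory list are constructed assumptions. Because tools on a live host load the same hooks, feed it artifacts taken from an offline image or a statically linked collector.

```python
import re

# Assumption: directories considered normal library locations; adjust per distro.
TRUSTED_DIRS = ("/lib/", "/lib64/", "/usr/lib/", "/usr/lib64/")

def preload_entries(value):
    """Split an LD_PRELOAD value or an ld.so.preload body into library paths."""
    # glibc accepts whitespace or ':' separators and '#' comments in the file.
    lines = [ln.split("#", 1)[0] for ln in value.splitlines()]
    return [p for p in re.split(r"[\s:]+", " ".join(lines)) if p]

def preload_from_environ(blob):
    """Extract LD_PRELOAD entries from a NUL-separated /proc/<pid>/environ dump."""
    key = b"LD_PRELOAD="
    for var in blob.split(b"\0"):
        if var.startswith(key):
            return preload_entries(var[len(key):].decode(errors="replace"))
    return []

def suspicious_mappings(maps_text):
    """Return mapped shared objects that are deleted or outside TRUSTED_DIRS."""
    hits = set()
    for line in maps_text.splitlines():
        fields = line.split(None, 5)  # address perms offset dev inode pathname
        if len(fields) < 6 or not fields[5].startswith("/"):
            continue  # anonymous mapping or pseudo-entry such as [stack]
        path = fields[5]
        if ".so" not in path:
            continue  # main executable or data file, not a shared object
        if path.endswith(" (deleted)") or not path.startswith(TRUSTED_DIRS):
            hits.add(path)
    return sorted(hits)

# Constructed sample artifacts (not taken from a real host).
SAMPLE_PRELOAD_FILE = "# constructed sample\n/lib/libexample-hook.so\n"
SAMPLE_ENVIRON = b"HOME=/root\0LD_PRELOAD=/tmp/x.so:/opt/y.so\0PATH=/usr/bin\0"
SAMPLE_MAPS = """\
55d0c0000000-55d0c0020000 r-xp 00000000 08:01 42 /usr/bin/sshd
7f1c2a000000-7f1c2a1c0000 r-xp 00000000 08:01 131 /usr/lib/x86_64-linux-gnu/libc.so.6
7f1c2a400000-7f1c2a402000 r-xp 00000000 08:01 999 /tmp/x.so (deleted)
7f1c2a600000-7f1c2a602000 r-xp 00000000 08:01 555 /opt/y.so
7ffd00000000-7ffd00021000 rw-p 00000000 00:00 0 [stack]
"""

if __name__ == "__main__":
    print("ld.so.preload entries:", preload_entries(SAMPLE_PRELOAD_FILE))
    print("LD_PRELOAD in environ:", preload_from_environ(SAMPLE_ENVIRON))
    print("suspicious mappings:  ", suspicious_mappings(SAMPLE_MAPS))
```

Any entry in ld.so.preload deserves review on a host that is not expected to use it, since the directory check alone passes a library dropped into /lib.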

Usage

Compile

Install

Enjoy!

Dependencies

The following packages are not required in order to build BEURK at the moment:

  • libpcap – to avoid local sniffing
  • libpam – for local PAM backdoor
  • libssl – for encrypted backdoor connection

You can download BEURK here:

beurk-dev.zip

Or read more here.


Posted in: Linux Hacking, Malware
