So you loaded LKRG on a system that already had an LKM rootkit in the kernel? LKRG wasn't meant to help in that scenario: pre-compromised system, rootkit loaded by legitimate means (LKM, as root). Yet LKRG managed to detect attempted interaction with the rootkit anyway? @Adam_pi3
@solardiz @Adam_pi3 yes, that's correct, but it still works ;) However, I also tested the 2nd case. Loading LKRG before loading the LKM rootkit into the kernel also works and throws alerts to dmesg: https://pastebin.com/dpHZepx2