A simple proof-of-concept for a kernel backdoor using modules. I made this just out of curiosity and because I wanted to see what kernel development was like. So yes, this is intended for educational purposes only.
I'm sure there are hundreds of these on the internet, but I wanted to make one from scratch.
Here are some resources I used (in no particular order):
- https://lwn.net/Kernel/LDD3/
- https://www.kernel.org/doc/html/latest/
- https://elixir.bootlin.com/linux/latest/source
- https://linux-kernel-labs.github.io/refs/heads/master/labs/kernel_modules.html
- https://olegkutkov.me/2018/03/14/simple-linux-character-device-driver/
- http://derekmolloy.ie/writing-a-linux-kernel-module-part-1-introduction
- https://devarea.com/linux-kernel-development-kernel-module-parameters/
- https://appusajeev.wordpress.com/2011/06/18/writing-a-linux-character-device-driver/
As this is a working and dangerous piece of software and I want to keep 1337 5cr1p7 k1dd13s away, I will not explain how to use the software in the repo. If you are experienced enough or have read the above links you will understand how to use this.