Friday, September 15, 2017

chkrootkit Scan for Rootkits


This guide explains how to find rootkits, worms, and Loadable Kernel Modules (LKMs) using chkrootkit. First, install the chkrootkit package:

sudo apt-get -y install chkrootkit

Now run the following command to check for the presence of infected binaries.

sudo chkrootkit

The chkrootkit command checks for the following worms, rootkits and LKMs:

  • lrk3, lrk4, lrk5, lrk6 (and variants)
  • Solaris rootkit
  • FreeBSD rootkit
  • t0rn (and variants)
  • Ambients Rootkit (ARK)
  • Ramen Worm
  • rh[67]-shaper
  • RSHA
  • Romanian rootkit
  • RK17
  • Lion Worm
  • Adore Worm
  • LPD Worm
  • kenny-rk
  • Adore LKM
  • ShitC Worm
  • Omega Worm
  • Wormkit Worm
  • Maniac-RK
  • dsc-rootkit
  • Ducoci rootkit
  • x.c Worm
  • RST.b trojan
  • duarawkz
  • knark LKM
  • Monkit
  • Hidrootkit
  • Bobkit
  • Pizdakit
  • t0rn v8.0
  • Showtee
  • Optickit
  • T.R.K
  • MithRas Rootkit
  • George
  • SucKIT
  • Scalper
  • Slapper A, B, C and D
  • OpenBSD rk v1
  • Illogic rootkit
  • SK rootkit
  • sebek LKM
  • Romanian rootkit
  • LOC rootkit
  • shv4 rootkit
  • Aquatica rootkit
  • ZK rootkit
  • 55808.A Worm
  • TC2 Worm
  • Volc rootkit
  • Gold2 rootkit
  • Anonoying rootkit
  • Shkit rootkit
  • AjaKit rootkit
  • zaRwT rootkit
  • Madalin rootkit
  • Fu rootkit
  • Kenga3 rootkit
  • ESRK rootkit
  • rootedoor rootkit
  • Enye LKM
  • Lupper.Worm
  • shv5
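
The scan prints one line per check, so on a busy host the few lines that matter are easy to miss. The following is an added example, not part of the original post or of chkrootkit itself: a small filter that reads the scan output, prints only the lines reporting INFECTED, "Vulnerable but disabled" or "not tested", and returns a non-zero status when anything is reported as INFECTED. The function names `triage_chkrootkit` and `sample_output` are hypothetical, and the sample output is constructed for illustration.

```bash
#!/bin/sh
# Added example: triage chkrootkit output so findings stand out.
# Real use:  sudo chkrootkit 2>&1 | triage_chkrootkit

# Constructed sample in the style of chkrootkit output (not from a real host).
sample_output() {
cat <<'EOF'
Checking `amd'... not found
Checking `basename'... not infected
Checking `bindshell'... INFECTED (PORTS:  465)
Checking `lkm'... not tested
Checking `sshd'... not infected
EOF
}

# Reads scan output on stdin.
# ALERT  = a check reported INFECTED (matching is case-sensitive, so
#          "not infected" lines are ignored).
# REVIEW = a check was skipped or reported "Vulnerable but disabled",
#          so the scan result is incomplete for that item.
# Returns 0 when nothing is INFECTED, 1 otherwise.
triage_chkrootkit() {
    tc_infected=0
    tc_review=0
    while IFS= read -r tc_line; do
        case "$tc_line" in
            *INFECTED*)
                printf 'ALERT  %s\n' "$tc_line"
                tc_infected=$((tc_infected + 1))
                ;;
            *"Vulnerable but disabled"*|*"not tested"*)
                printf 'REVIEW %s\n' "$tc_line"
                tc_review=$((tc_review + 1))
                ;;
        esac
    done
    printf 'summary: %d infected, %d to review\n' "$tc_infected" "$tc_review"
    [ "$tc_infected" -eq 0 ]
}

# Demonstration on the constructed sample; the "|| echo" keeps the script
# from aborting when findings are present.
sample_output | triage_chkrootkit || echo "findings present: verify before trusting this host"
```

Because the function's exit status reflects the findings, it can gate a cron job or a monitoring check that runs the scan on a schedule.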
