www.Reversing.gr

In this article I will show you the basic technique that rootkits use, which we can use to hook system calls in kernel mode. I will deal only with Linux 2.6 x86-32 and Linux 2.6 x86-64. In the end we are going to hook the setuid system call which when takes a "magic" uid as an argument it ...