Skip to content
/ libprocesshider Public

Hide a process under Linux using the ld preloader

3 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

huine/libprocesshider

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
Makefile
Makefile
 
 
README.md
README.md
 
 
processhider.c
processhider.c
 
 

Repository files navigation

libprocesshider

Hide a process under Linux using the ld preloader.

Based on https://github.com/gianlucaborello/libprocesshider

My version hides all process of an user by his uid under Linux.

Full tutorial available at https://sysdigcloud.com/hiding-linux-processes-for-fun-and-profit/

In short, compile the library:

gabriel@[~/libprocesshider]:~> make
gcc -Wall -fPIC -shared -o libprocesshider.so processhider.c -ldl
gabriel@[~/libprocesshider]:~> sudo mv libprocesshider.so /usr/local/lib/

Load it with the global dynamic linker

root@[~]:~> echo /usr/local/lib/libprocesshider.so >> /etc/ld.so.preload

And your process will be off the radar

gabriel@[~]:~> sudo ps aux
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
...

gabriel@[~]:~> sudo lsof -ni
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
...

About

Hide a process under Linux using the ld preloader

Resources

Readme
Activity

Stars

3 stars

Watchers

0 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages