Questions about this topic? Sign up to ask in the talk tab.

Difference between revisions of "LKM"

From NetSec
Jump to: navigation, search
(Created page with "LKM stands for "Linux Kernel Module" or "Loadable Kernel Module". As the name implies, it is a way to allow code to interact directly with the kernel, in the kernel. In essenc...")
 
Line 1: Line 1:
 
LKM stands for "Linux Kernel Module" or "Loadable Kernel Module". As the name implies, it is a way to allow code to interact directly with the kernel, in the kernel. In essence, it is a way to extend the kernel and add functionality to it. Although it goes without saying that you need root to modify the kernel, this opens up an interesting way to backdoor a box. You can see a list of currently loaded kernel modules in two ways:
 
LKM stands for "Linux Kernel Module" or "Loadable Kernel Module". As the name implies, it is a way to allow code to interact directly with the kernel, in the kernel. In essence, it is a way to extend the kernel and add functionality to it. Although it goes without saying that you need root to modify the kernel, this opens up an interesting way to backdoor a box. You can see a list of currently loaded kernel modules in two ways:
  
{code|text=
+
{{code|text=
<code lang="bash">
+
<source lang="bash">
 
$ lsmod
 
$ lsmod
 
$ cat /proc/modules
 
$ cat /proc/modules
</code>
+
</source>
 
}}
 
}}

Revision as of 20:47, 21 June 2016

LKM stands for "Linux Kernel Module" or "Loadable Kernel Module". As the name implies, it is a way to allow code to interact directly with the kernel, in the kernel. In essence, it is a way to extend the kernel and add functionality to it. Although it goes without saying that you need root to modify the kernel, this opens up an interesting way to backdoor a box. You can see a list of currently loaded kernel modules in two ways:

 
$ lsmod
$ cat /proc/modules