Home
Wild Linux Kernel Object Module developed for EPITA's SYS2 course.
This project explores kernel development concepts, including system call interception, file and network stealth, persistence mechanisms, and remote control via encrypted channels.
- Connection & Control
  - Auto-connect to a remote controller
  - Can be operated through a Discord channel
- Stealth & Persistence
  - Remains active after reboot
  - Hides files, processes, and network traffic
- Access & Security
  - Encrypted communication (AES)
  - Password-protected remote access
- Execution & Interception
  - Remote command execution + output retrieval
  - Upload / download support
  - Network redirection
  - Network traffic redirection
- Distribution: Ubuntu 24.04 LTS
- Kernel: Linux 6.12
Why this setup?
Choosing a recent distribution and kernel version was intentional and strategic:
- Ubuntu 24.04 LTS provides an up-to-date yet stable environment. It includes the 6.12 kernel by default, which avoids manual downgrading or recompilation. Ubuntu remains one of the most widely used Linux distributions, both in educational and production contexts. It's lightweight enough for virtual environments and well-supported by modern tooling (compilers, libc, etc.).
- Linux Kernel 6.12 is one of the latest available versions, reducing the risk of relying on deprecated APIs or outdated mechanisms. Although newer kernels are harder to exploit due to security improvements, this raises the challenge level, making the project more relevant and realistic. It also ensures compatibility with modern development tools and helps simulate a credible attack scenario against a system that mirrors real-world usage.
Using an outdated setup might make exploitation easier, but would fail to reflect current security standards. This project instead focuses on realism and technical depth.