Linux Post-Exploitation
Chkrootkit 0.49 – Local Privilege Escalation – CVE-2014-0476
chkrootkit is a tool to locally check for signs of a rootkit (http://www.chkrootkit.org/). It contains: chkrootkit: a shell script that checks system binaries for rootkit modification. ifpromisc.c: checks if the network interface is in promiscuous mode. chklastlog.c: checks for lastlog deletions. chkwtmp.c: checks for wtmp deletions. check_wtmpx.c: checks for wtmpx Read more…