From LQWiki
DOWNLOAD
http://www.security-projects.com/?Unhide
Unhide is for generic Unix systems (*BSD, Solaris, Linux 2.2 / 2.4) or Linux 2.6 kernels.
INSTALL
Thanks again for unSpawn's patience and help in making this possible.
NOTE: Rootkit Hunter can now use the unhide command, in lower case. Disregard any pictures showing Unhide, and create and use this command in lower case.
1.1) Decompress
The tarball can be decompressed using Konqueror (for newbies) or using the command
tar zxvf unhide.tgz
Then cd into the new folder using the command
cd unhide <version number>
or use bash-completion if installed.
1.2) Create the unhide executable
1.2A) for 2.6 kernels
gcc -Wall -o unhide unhide-linux26.c
Ignore the output.
1.2B) for other kernels
gcc -Wall -o unhide unhide.c
Note: you can give the executables different names from those I have chosen. To do so, change unhide in the command to a different name. Note the new warning above.
unhide is complete, so let's move on.
1.3) Create the Untcp executable
For all kernels the command is (ignore the output):
gcc -Wall -o Untcp unhide-tcp.c
SCAN FOR HIDDEN PIDs using Unhide
I have set up a hidden PID, which I will not explain, but it was done in a sandboxed QEMU guest OS.
Normally, a normal user should have no hidden PIDs.
To run the scanner, the commands are
cd /path/to/unhide/
./unhide sys
The scan results show the hidden PID.
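What "hidden" means in such a result, as an added example that is not from the original page and is not unhide's own code: a simplified cross-check that probes every possible ID directly under /proc and reports the ones that answer but that ps never lists. It assumes Linux with /proc mounted and the procps version of ps; the function names are invented for this sketch.

```shell
#!/bin/sh
# Added illustration; not unhide's source. Function names are invented here.
# Assumes Linux with /proc mounted and the procps version of ps.

# Every process ID and thread ID that ps is willing to show. Thread IDs are
# included (-L) because /proc/<tid> also answers a direct lookup.
ps_ids() {
    ps -eL -o pid= -o lwp= | tr -s ' ' '\n' | grep . | sort -u
}

# not_in LISTED_FILE: read candidate IDs on stdin and print the ones that do
# not appear in LISTED_FILE (one ID per line in both inputs).
not_in() {
    sort -u "$1" > "$1.sorted"
    sort -u | comm -13 "$1.sorted" -
    rm -f "$1.sorted"
}

# Probe every possible ID directly instead of listing /proc, then report IDs
# that answer the probe but were never listed by ps.
scan() {
    tmp=$(mktemp -d) || return 2
    max=$(cat /proc/sys/kernel/pid_max)
    ps_ids > "$tmp/listed"
    id=1
    while [ "$id" -le "$max" ]; do
        if [ -d "/proc/$id" ]; then echo "$id"; fi
        id=$((id + 1))
    done > "$tmp/probed"
    ps_ids >> "$tmp/listed"            # IDs listed before or after the probe
    # Second pass: a short-lived process can slip between the snapshots, so
    # only report IDs that still answer and are still missing from a fresh ps.
    not_in "$tmp/listed" < "$tmp/probed" | while read -r id; do
        [ -d "/proc/$id" ] || continue
        ps_ids > "$tmp/now"
        echo "$id" | not_in "$tmp/now"
    done > "$tmp/hidden"
    found=$(wc -l < "$tmp/hidden")
    sed 's/^/hidden ID: /' "$tmp/hidden"
    rm -rf "$tmp"
    [ "$found" -eq 0 ]                 # exit status 1 when something is hidden
}

# Run the live scan only when asked to: sh thisfile scan
if [ "${1:-}" = "scan" ]; then scan; fi
```

On a system with a large pid_max the probe loop can take a while; a clean system prints nothing and exits with status 0.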
