Ranger11Danger/Rootkit
Once you have created the kernel module file, all you have to do is install it with the command: 'insmod RangerDanger.ko'
Note: this has to be done as root. LKM rootkits expect that you already have root privileges.
Once installed, the LKM creates a device called /dev/ttyCWO (this can be changed to whatever you want).
Commands are sent to the device driver, so for now you need to modify the permissions on the device.
This is done with a simple command: 'chmod 777 /dev/ttyCWO'. After that you are good to go!
To send commands to the rootkit, all you have to do is echo them to the device driver.
Example: 'echo "whatever command" > /dev/ttyCWO'. This command will be run by the rootkit.
**** I fully intend to make the process of interacting with the rootkit smoother ***
Currently the LKM hides itself on install. To toggle whether the module is visible via the 'lsmod' command, just send the rootkit the command 'hide'; this will toggle it on and off.
The only other feature as of right now is to give your current shell root privileges. This is easily done by sending the rootkit the command 'cwo', which will instantly give you root!
Since the rootkit hides itself by default, you will need to send it the command 'hide' to make it visible.
After the LKM is visible you can easily remove it with the command: 'rmmod RangerDanger'
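
For defenders: the 'chmod 777' step above leaves a world-writable character device that any local account can write to, and since the device name can be changed, a check should key on permissions and not on the name. The script below is an added example, not part of this repository; the allowlist and the sample listing are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the repository): flag character-device nodes whose
# permissions look like the 'chmod 777 /dev/ttyCWO' step described above.
# Input on stdin: lines of "OCTAL_MODE PATH", e.g. produced on a live host by
#   find /dev -type c -printf '%m %p\n'        (GNU find)

# Nodes that are normally world-writable on Linux. Assumed baseline only;
# extend it for your distribution and drivers.
ALLOW="/dev/null /dev/zero /dev/full /dev/random /dev/urandom /dev/tty /dev/ptmx /dev/net/tun /dev/fuse"

audit_dev_nodes() {
    while read -r mode path; do
        [ -n "$path" ] || continue
        # The last octal digit holds the "other" permission bits.
        case "$mode" in
            *[2367]) ;;          # world-writable: keep checking
            *) continue ;;       # not writable by everyone: ignore
        esac
        case "$mode" in
            # An execute bit on a device node is meaningless and suggests a
            # blanket 'chmod 777'; report it even for allowlisted paths.
            *[37]) echo "$path $mode world-writable+executable"; continue ;;
        esac
        case " $ALLOW " in
            *" $path "*) ;;      # expected world-writable node
            *) echo "$path $mode world-writable" ;;
        esac
    done
}

# Constructed sample listing (not captured from a real system).
SAMPLE='666 /dev/null
666 /dev/tty
620 /dev/tty1
666 /dev/ptmx
777 /dev/ttyCWO
666 /dev/examplenode
600 /dev/console'

run_sample() {
    printf '%s\n' "$SAMPLE" | audit_dev_nodes
}

# Live scan only when asked for, so sourcing the file has no side effects.
if [ "${1:-}" = "--scan" ]; then
    find /dev -type c -printf '%m %p\n' | audit_dev_nodes
fi
```

Run with '--scan' on a host to audit the real /dev tree; anything reported should be traced back to the driver or package that owns it.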
About
My first attempt at writing a Linux kernel-mode rootkit