Skip to content
/ VoidHeart Public

VoidHeart — A Linux Kernel Module that intercepts mount, rename, and unlink syscalls to prevent from doing this shit, destruction, and change. Inspired by a heart that refuses to forget

4 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

devilzsecurity/VoidHeart

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
Makefile
Makefile
 
 
README.md
README.md
 
 
voidheart.c
voidheart.c
 
 

Repository files navigation

VoidHeart

VoidHeart — A Linux Kernel Module that intercepts mount, rename, and unlink syscalls to prevent from doing this shit, destruction, and change. Inspired by a heart that refuses to forget working lkm for versions like 4.x linux kernels :)

DETAILS

I have used return -EPERM to genreate errors like permission denied blocking further access to it in my hook easy blocked execution of: 1.mount syscall — blocks mounting of filesystems

2.rename syscall — blocks renaming or moving files

3.unlink syscall — blocks deleting/removing files

4.unlinkat syscall — blocks deleting files relative to a directory file descriptor also it can hide from lsmod

Maded for fun :)

SS: image

About

VoidHeart — A Linux Kernel Module that intercepts mount, rename, and unlink syscalls to prevent from doing this shit, destruction, and change. Inspired by a heart that refuses to forget

Resources

Readme
Activity

Stars

4 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages