This lab teaches the creation of an AP Backdoor. In the lab, the user creates a malicious .ko module on the development machine, transfers it to the test machine, and then observes it in action. The infrastructure to develop and test a kernel-module-based backdoor is provided.
What will you learn?
Building backdoor kernel modules for an OpenWRT ARM router
Inserting and removing the modules on the emulated device
Modifying the functionality and observing the module in action
References:
Compiling Kernel Modules (https://tldp.org/LDP/lkmpg/2.6/html/x181.html)
Building External Module (https://www.kernel.org/doc/html/latest/kbuild/modules.html)
Write Linux Kernel Module (https://www.thegeekstuff.com/2013/07/write-linux-kernel-module/)
Labs Covered:
In this lab, you will learn to create Linux Kernel Module (LKM) based backdoors and test them in an emulated environment. A non-exhaustive list of activities to be covered includes:
Explore the OpenWRT build system and the source code for various sample backdoors
Build the backdoor kernel modules
Transfer the kernel modules to the emulated MIPS router, insert them into the kernel, and observe them working