top button
Flag Notify
    Connect to us
      Facebook Login
      Site Registration Why to Join

Facebook Login
Site Registration
Print Preview

Creating a process without listing in ps -aux

0 votes
26 views

I would like to know how the process can be hijacked, means creating a process without listing in ps -aux command.

posted May 14, 2013 by anonymous

Share this question
Facebook Share Button Twitter Share Button Google+ Share Button LinkedIn Share Button Multiple Social Share Button
Sorry, I can't help you here. But I'm curious - for what use case (except a rootkit) would that feature be helpful?

4 Answers

+1 vote

On Linux I believe all the process management tools use the information
in the /proc filesystem to show process information. You can think of
ps, top, etc as just convenient front-ends to /proc. The "proc"
filesystem is itself just a view into the kernel process table and other
kernel tables. Given this, you would have to hack the kernel code to
create an "invisible" process.

answer May 14, 2013 by anonymous
+1 vote

You could name your process something that looks like a common process, like /bin/dash, looks like /bin/bash. Mixed in lots of process it becomes hard to see just one different letter.

answer May 14, 2013 by anonymous
0 votes

On Linux I believe all the process management tools use the information
in the /proc filesystem to show process information. You can think of
ps, top, etc as just convenient front-ends to /proc. The "proc"
filesystem is itself just a view into the kernel process table and other
kernel tables. Given this, you would have to hack the kernel code to
create an "invisible" process.

answer May 14, 2013 by anonymous
0 votes

Essentially, you'll need to modify the kernel. The 'usual' way is to
load a module which modifies how the kernel populates /proc/pid such
that when things (top, ps etc.) read that data they don't get the
entry relating to your hidden process.

answer May 14, 2013 by anonymous
Similar Questions
+2 votes

In the ps results few of the processes are having process state as "D" . What does it mean ? Briefly explain different process states ?

0 votes

I am wondering how - or more exactly where - umask is defined on a stock Ubuntu server system.

I have reactivated the root account. Here's the respective default umask for root and normal users:

Nomal User:

$ umask
0002

Root User

$ umask
0022

On RHEL/CentOS, these values are defined in /etc/bashrc and then in the individual ~/.bashrc files. How does Ubuntu handle this?

0 votes

I'd like to install a master on a virtual machine and rsync this installation to ten clients (desktop installation for a library). Also, all changes after the initial installation to this master image should be replicated to them.

There are some modifications for the master installation necessary. It must not use UUIDs for example.

Is there a ready-to-use script for this scenario?

Thank you in advance.

0 votes

I have an existing system which contains a LAN connected disk drive. I have added a new computer on which I installed Ubuntu (this is my first linux experience). From the Ubuntu computer I can read the files on the samba connected drive but I can not write to those files. I have tried to change the permissions but can not locate where the drive is mounted. So my question ishow do I change the permissions?

+6 votes

I suddenly pressed CTRL+Q as I am using Ubuntu Mint, but I want to get rigged of this situation.
Is there any undo shortcut for it or any possible answers.


Useful Links with Similar Problem
Contact Us
+91 9880187415
sales@queryhome.net
support@queryhome.net
#470/147, 3rd Floor, 5th Main,
HSR Layout Sector 7,
Bangalore - 560102,
Karnataka INDIA.
QUERY HOME
...