This lab teaches the creation of an AP Backdoor. In the lab, the user creates a malicious .ko module on the development machine, transfers it to the test machine and then observes it in action. The infrastructure to develop and test a kernel-module-based backdoor is provided.

What will you learn?

  • Building backdoor kernel modules for an OpenWRT ARM router

  • Inserting and removing the modules on an emulated device

  • Modifying the functionality and observing the module in action


References:


  1. Compiling Kernel Modules (https://tldp.org/LDP/lkmpg/2.6/html/x181.html)

  2. Building External Module (https://www.kernel.org/doc/html/latest/kbuild/modules.html)

  3. Write Linux Kernel Module (https://www.thegeekstuff.com/2013/07/write-linux-kernel-module/)


Labs Covered:


In this lab, you will learn to create Linux Kernel Module (LKM) based backdoors and test them in an emulated environment. A non-exhaustive list of activities to be covered includes:

    • Explore the OpenWRT build system and source code for various sample backdoors

    • Build the backdoor kernel modules

    • Transfer the kernel modules to the emulated MIPS router, insert them into the kernel and observe how they work

Backdoor Practice Lab: MIPS architecture