Add hidden TCP/UDP connections and hide them in SS commands such as Netsat. Complete installation and usage instructions

[xiaojj2021]

I haven't seen the installation documentation or usage instructions
README.md
Inside, there is no clear definition of how to execute it?
What commands do I need to hide the process
What command do I need to hide TCP-UDP connection? I don't quite understand

[carloslack]

Good idea, I will write a usage instructions. In the meantime you can check some demo here https://github.com/carloslack/kv-demos/tree/master

About tcp/udp: it is hidden automatically, you don't need a separate command for that. You can check with tcpdump

To hide a process you first need to turn /proc interface on:
kill -SIGCONT 31337
will do it.
Then you: echo PID >/proc/
"PID" is the pid number of your process you want to hide.
whereas "name" is the one you set in Makefile, see changeme

Thanks

[xiaojj2021]

My C2 connection destination will display TCP as 8.8.8.8:1234
What do I need to do to hide TCP network connections 8.8.8.8?

The administrator can easily detect my c2 using commands such as ss and netstat - an

[carloslack]

Currently I dont think it is possible, KoviD hides its own backdoors connections.
Including this in the list of things to do.

[xiaojj2021]

I noticed that some Rookits support hidden TCP or UDP connections?
For example, I need to hide 8.8.8.8

Command:/elite/elite _cmd connhide

The following project does not support the latest kernel
https://github.com/f0rb1dd3n/Reptile

Hide TCP and UDP connections
Hide: /reptile/reptile_cmd conn hide
Unhide: /reptile/reptile_cmd conn show

[carloslack]

#181