Re: What is the hidden process?
On 08.04.2011 14:47, Wayne Topa wrote:
> On 04/07/2011 10:50 PM, James Brown wrote:
>> `unhide` define that there is a hidden process in my system, but don't
>> indicate it concretely:
>>> ~$ sudo unhide sys
>>> Unhide 20100201
>>> http://www.security-projects.com/?Unhide
>>>
>>>
>>> [*]Searching for Hidden processes through kill(..,0) scanning
>>>
>>> [*]Searching for Hidden processes through comparison of results of
>>> system calls
>>>
>>> [*]Searching for Hidden processes through getpriority() scanning
>>>
>>> [*]Searching for Hidden processes through getpgid() scanning
>>>
>>> [*]Searching for Hidden processes through getsid() scanning
>>>
>>> [*]Searching for Hidden processes through sched_getaffinity() scanning
>>>
>>> [*]Searching for Hidden processes through sched_getparam() scanning
>>>
>>> [*]Searching for Hidden processes through sched_getscheduler() scanning
>>>
>>> [*]Searching for Hidden processes through sched_rr_get_interval()
>>> scanning
>>>
>>> [*]Searching for Hidden processes through sysinfo() scanning
>>>
>>> HIDDEN Processes Found: 1
>>
>>
>> How can I find out what is that process?
>>
>>
>
> Maybe
> unhide-posix sys
>
> Which works here with version 20100201-1
>
> WT
>
>
I tried it. That command works wrong: it defineds as "hidden" all
processes in my system which I can see in `top` or `ps ax`.
Reply to: