Honeypots mailing list archives

LKM - Sebek


From: Mike lim <bugtraq77 () yahoo com>
Date: Wed, 18 Dec 2002 01:02:34 -0800 (PST)


Has anybody had success running this adore-modified key logger?

I managed to compile the kernel modules successfully in Redhat 6.2.

However, the client when run (./sebek.sh start) produced the following:
-----------------------------------------------------------------
rmmod: module cleaner is not loaded
Couldn't authorize myself. Trying anyway ...
Potential sebek config/version mismatch...
File '/tmp/sebek/adore.o' hided.
Couldn't authorize myself. Trying anyway ...
Potential sebek config/version mismatch...
File '/tmp/sebek/cleaner.o' hided.
Couldn't authorize myself. Trying anyway ...
Potential sebek config/version mismatch...
File '/tmp/sebek/sdm' hided.
Couldn't authorize myself. Trying anyway ...
Potential sebek config/version mismatch...
File '/tmp/sebek/ava' hided.
Couldn't authorize myself. Trying anyway ...
Potential sebek config/version mismatch...
File '/tmp/sebek/sebek.sh' hided.
Couldn't authorize myself. Trying anyway ...
Potential sebek config/version mismatch...
File '/tmp/sebek' hided.
Couldn't authorize myself. Trying anyway ...
Potential sebek config/version mismatch...
File '/dev/sebek' hided.
Couldn't authorize myself. Trying anyway ...
Potential sebek config/version mismatch...
Can't hide process.
Couldn't authorize myself. Trying anyway ...
Potential sebek config/version mismatch...
File './sebek.sh' hided.
------------------------------------------------------------------
The error apparently comes from adore (ava) as the following commands produced the following:

./ava h LICENSE
Couldn't authorize myself. Trying anyway ...
Potential sebek config/version mismatch...
File 'LICENSE' hided.

In addition, the file 'LICENSE' hided is not hidden.


