Skip to content

dejavvu/Demon

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

31 Commits
demon
demon
 
 
module_scan
module_scan
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
init.sh
init.sh
 
 

Repository files navigation

Quick proof of concept for http://www.cs.columbia.edu/~mikepo/papers/gpukeylogger.eurosec13.pdf

Objective:

  • Undetection. Our jellyfish rootkit utilized a common LD_PRELOAD technique to hide in userland. For Demon we're going with code injection.

Disclaimer:

  • We are not associated with the creators of this paper. We only PoC'd what was described in it, plus a little more.

PLEASE READ:

  • For some arbitrary reason this project as well as jellyfish, has been getting a decent amount of attention. That being said, we just want to notify everyone reading this that Demon is not complete nor has it even reached the expectations we wanted it to yet. We're still circling around ideas and pseudo code upon what we think is cool, so apologies to anyone disappointed that they still have a buggy still-in-beta application. Our goal was to make everyone AWARE that gpu based malware IS REAL; and obviously, telling from what's been publicized, we succeeded.

Also, to an individual that commented on an arstechnica article about us. Yes, we're very early in development for both projects, so sit tight and enjoy the show.

Heads up:

  • New and upcoming Windows GPU rootkit PoC on the way @ /WIN_JELLY. We have some source available for anyone interested.

About

GPU keylogger PoC by Team Jellyfish

Resources

Readme

License

GPL-2.0 license
Activity

Stars

1 star

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • C 87.1%
  • Makefile 9.5%
  • Shell 3.4%