Learn basics of Linux hacking for hacking aspirants Part 12

Ministry Of Defence Technician Recruitment @ www.mod.nic.in

This part will be describing you about the loadable Linux kernel modules. LKM is a very useful things in Linux Administration. It is helpful to reprogram the kernel without recompiling or restart. We can add video & other device drivers in the system without rebooting the system.
LKM is very critical in terms of a hacker because if someone loads a new module to the kernel then not only we can get the admin access but we will be able to control the disk space, processes & ports of the system.
If we provide the user or admin with a new improved software which can take controls of his kernel, then he can easily take over the control of the particular system.
After knowing this, you will become a better system admin or a better hacker.

Kernel Module

Kernel is the heart of an Operating system like Linux. Kernel controls everything in the Linux system. It controls the hardware interactions & other software issues in the computer. Precisely it acts as a mediator between user applications & the hardware of the system.
Kernel is updated sometimes when it is needed. The task it does for the system are changed or updated sometimes when a new device driver comes. This time a LKM comes into the frame. Here we can load or unload kernel modules without recompiling.

kernel modules
kernel modules

Check Kernel

To find which version of kernel is running on our system, there are two methods i.e.
First method is

uname -a

Second method is by using cat command.

cat /proc/version

Kernel Tuning with Sysctl

There are some situations where the kernel needs to be tuned by the admin. This can be done because of changing memory location, setting network configuration or sealing kernel from hackers.
Also ReadLearn basics of Linux hacking for hacking aspirants Part 11
In the modern times, the command sysctl is used to tune kernel. All the changes made by the admin will be effective until the next reboot. You can also save the changes after the reboot. This can be done by editing the  /etc/sysctl.conf file.
But be sure you must know enough about the command else you will make your system unbootable.
To check the contents of the file.

sysctl -a |less

Displays the configuration file.

less /etc/sysctl.conf

Kernel Modules

  • The command used to manage kernel modules is insmod.
  • To insert a modules use insmod & to remove a module use rmmod.
  • To list all the mdules installed in the kernel.



This command will let you see the installed modules in the system.

modprobe -l

remove a module using this command.

modprobe -r

To use these commands we need to understand modules, dependency & other options

ls -l /etc/modprobe.d/

LKM is one of the powerful feature of Linux & the weakest part for the security. A hacker or an admin must be aware to working with this.
Also ReadLearn basics of Linux hacking for hacking aspirants Part 10
That done for now. Like us on Facebook for more Updates & the next part.

Leave a Comment