In this article, we are going to see how to Detect and Check Rootkits with Chkrootkit and rkhunter in Kali Linux.
Method 1: Using chkrootkit
chkrootkit: It is a free and open-source antivirus tool available on GitHub. This tool checks locally in the binary system of your machine and scans your Linux server for a trojan. chkrootkit is a shell script which checks system binaries for rootkit modification. This tool is used for scanning botnets, rootkits, malware, etc. This tool is completely tested on Linux 2.0.x, 2.2.x, 2.4.x, 2.6.x, and 3.x.x, FreeBSD 2.2.x, 3.x, 4.x, 5.x and 7.x, OpenBSD 2.x, 3.x and 4.x., NetBSD 1.6.x, Solaris 2.5.1, 2.6, 8.0 and 9.0, HP-UX 11, Tru64, BSDI and Mac OS X. This tool comes under General Public License (GPL).
Step 1: Open your kali Linux operating system and use the following command to install the tool.
git clone https://github.com/Magentron/chkrootkit.git
Step 2: Now use the following command to run the tool.
The tool has started checking whether the files are infected or not. in a similar way, you can also download and scan your local machine for trojans. This tool only works on Linux or Linux distributions.
Method 2: Using Rk-hunter
rkhunter: It (Rootkit Hunter) is a free and open-source Unix-based tool that scans for rootkits. This tool can be used for backdoors and possible local exploits. This tool rkhunter is a shell script which carries out various checks on the local system to try and detect known rootkits and malware.
Step 1: Download and install the tool using the following command.
Step 2: Use the following command to unzip the tool.
tar -xvf rkhunter-1.4.6.tar.gz
Step 3: Use the following command to run the tool.
The tool has started checking whether the files are infected or not. Similarly, you can also download and scan your local machine for trojans. This tool only works in Linux or Linux distributions.