authorLibravatarLibravatar Biswa Kalyan Bhuyan <biswa@surgot.in> 2025-04-17 08:21:29 +0530
committerLibravatarLibravatar Biswa Kalyan Bhuyan <biswa@surgot.in> 2025-04-17 08:21:29 +0530
commit7a709eb44a353929f97750268b7cfbe934b784a0 (patch)
tree55c9aea8de081c634f5dc53d802faf63e6d042b8 /force_unload.sh
parent9a53dbd03bfb9d1b1c76cef9a5a3f6fa051de396 (diff)
updated stealth_launcher.c with just hides the process in trace levelHEADmaster
Diffstat (limited to 'force_unload.sh')
-rwxr-xr-xforce_unload.sh88
1 files changed, 88 insertions, 0 deletions
diff --git a/force_unload.sh b/force_unload.sh
new file mode 100755
index 0000000..1d9b8cc
--- /dev/null
+++ b/force_unload.sh
@@ -0,0 +1,88 @@
+#!/bin/bash
+
+# force_unload.sh - Force unload the stealth_launcher module when it's stuck
+# Usage: sudo ./force_unload.sh
+
+# Check if user is root
+if [ "$EUID" -ne 0 ]; then
+ echo "This script must be run as root"
+ exit 1
+fi
+
+# Check if the module is loaded
+if ! lsmod | grep -q "stealth_launcher"; then
+ echo "The stealth_launcher module is not loaded"
+ exit 0
+fi
+
+# Try normal rmmod first
+echo "Attempting normal module removal..."
+rmmod stealth_launcher 2>/dev/null
+
+# Check if it worked
+if ! lsmod | grep -q "stealth_launcher"; then
+ echo "Module successfully unloaded"
+ exit 0
+fi
+
+# Make sure the module parameters directory exists
+if [ ! -d "/sys/module/stealth_launcher/parameters" ]; then
+ echo "Module parameters directory not found. Trying force removal..."
+ rmmod -f stealth_launcher
+
+ if ! lsmod | grep -q "stealth_launcher"; then
+ echo "Module successfully unloaded using rmmod -f"
+ exit 0
+ else
+ echo "Failed to unload module even with force. You may need to reboot."
+ exit 1
+ fi
+fi
+
+# Try method 1: Use the force_unload parameter
+echo "Module is busy. Attempting force unload via parameter..."
+echo 1 > /sys/module/stealth_launcher/parameters/force_unload 2>/dev/null
+
+# Wait a moment
+sleep 2
+
+# Try rmmod again
+rmmod stealth_launcher 2>/dev/null
+
+# Check if it worked
+if ! lsmod | grep -q "stealth_launcher"; then
+ echo "Module successfully unloaded"
+ exit 0
+fi
+
+# Try method 2: Kill any processes that might be keeping module busy
+echo "Module still busy. Trying to terminate related processes..."
+ps aux | grep -e "sleep" -e "bash" | grep -v grep | awk '{print $2}' | xargs -r kill -9 2>/dev/null
+
+# Wait a moment
+sleep 1
+
+# Try rmmod again
+rmmod stealth_launcher 2>/dev/null
+
+# Check if it worked
+if ! lsmod | grep -q "stealth_launcher"; then
+ echo "Module successfully unloaded after killing processes"
+ exit 0
+fi
+
+# Method 3: Force removal as last resort
+echo "Attempting force removal as last resort..."
+rmmod -f stealth_launcher 2>/dev/null
+
+# Check if it worked
+if ! lsmod | grep -q "stealth_launcher"; then
+ echo "Module successfully unloaded using rmmod -f"
+ exit 0
+else
+ echo "Failed to unload module. You may need to reboot."
+ echo "Before rebooting, try these commands manually:"
+ echo " sudo kill -9 \$(lsof -t /dev/stealth_launcher 2>/dev/null)"
+ echo " sudo rmmod -f stealth_launcher"
+ exit 1
+fi
\ No newline at end of file
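Review bot: The "method 2" pipeline `ps aux | grep -e "sleep" -e "bash" | grep -v grep | awk '{print $2}' | xargs -r kill -9` sends SIGKILL, as root, to every process on the host whose ps line contains "sleep" or "bash", not only to processes holding the module. That set includes every user's login shell and, because the script runs under `#!/bin/bash`, very likely this script itself, so the rmmod retry and method 3 that follow may never run. Limit it to processes that actually hold the device the script already names in its final hint, and send TERM before resorting to KILL: `pids=$(lsof -t /dev/stealth_launcher 2>/dev/null)` followed by `[ -n "$pids" ] && kill -TERM $pids`. The repeated `lsmod | grep -q "stealth_launcher"` checks also match any module whose name merely contains that string; `lsmod | grep -q '^stealth_launcher '` would be exact.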