KernelRootkit class
Kernel mode rootkit signatures.
Constructors
- KernelRootkit({String? name, bool? unexpectedCodeModification, bool? unexpectedFtraceHandler, bool? unexpectedInterruptHandler, bool? unexpectedKernelCodePages, bool? unexpectedKprobeHandler, bool? unexpectedProcessesInRunqueue, bool? unexpectedReadOnlyDataModification, bool? unexpectedSystemCallHandler})
- KernelRootkit.fromJson(Map json_)
Properties
- hashCode → int
-
The hash code for this object.
no setterinherited
- name ↔ String?
-
Rootkit name, when available.
getter/setter pair
- runtimeType → Type
-
A representation of the runtime type of the object.
no setterinherited
- unexpectedCodeModification ↔ bool?
-
True if unexpected modifications of kernel code memory are present.
getter/setter pair
- unexpectedFtraceHandler ↔ bool?
-
True if
ftracepoints are present with callbacks pointing to regions that are not in the expected kernel or module code range.getter/setter pair - unexpectedInterruptHandler ↔ bool?
-
True if interrupt handlers that are are not in the expected kernel or
module code regions are present.
getter/setter pair
- unexpectedKernelCodePages ↔ bool?
-
True if kernel code pages that are not in the expected kernel or module
code regions are present.
getter/setter pair
- unexpectedKprobeHandler ↔ bool?
-
True if
kprobepoints are present with callbacks pointing to regions that are not in the expected kernel or module code range.getter/setter pair - unexpectedProcessesInRunqueue ↔ bool?
-
True if unexpected processes in the scheduler run queue are present.
getter/setter pair
- unexpectedReadOnlyDataModification ↔ bool?
-
True if unexpected modifications of kernel read-only data memory are
present.
getter/setter pair
- unexpectedSystemCallHandler ↔ bool?
-
True if system call handlers that are are not in the expected kernel or
module code regions are present.
getter/setter pair
Methods
-
noSuchMethod(
Invocation invocation) → dynamic -
Invoked when a nonexistent method or property is accessed.
inherited
-
toJson(
) → Map< String, dynamic> -
toString(
) → String -
A string representation of this object.
inherited
Operators
-
operator ==(
Object other) → bool -
The equality operator.
inherited