Diamorphine Rootkit Signal Privilege Escalation

Posted on 21 February 2020

This Metasploit module uses Diamorphine rootkit's privesc feature using signal 64 to elevate the privileges of arbitrary processes to UID 0 (root). This module has been tested successfully with Diamorphine from master branch (2019-10-04) on Linux Mint 19 kernel 4.15.0-20-generic (x64).