adore linux rootkit , 版本 0.4。2, 原理:通过lkm实现修改内核,做到文件等的隐藏,运行稳定,值 得研究,特别是其中的思想-adore, version 0.4. 2, Principle : lkm achieve change kernel, so the hidden documents and stable operation, worthy of study, especially the thinking
SHOW FULL COLUMNS FROM `jrk_downrecords` [ RunTime:0.001278s ]
SELECT `a`.`aid`,`a`.`title`,`a`.`create_time`,`m`.`username` FROM `jrk_downrecords` `a` INNER JOIN `jrk_member` `m` ON `a`.`uid`=`m`.`id` WHERE `a`.`status` = 1 GROUP BY `a`.`aid` ORDER BY `a`.`create_time` DESC LIMIT 10 [ RunTime:0.085691s ]
SHOW FULL COLUMNS FROM `jrk_tagrecords` [ RunTime:0.001220s ]
SELECT * FROM `jrk_tagrecords` WHERE `status` = 1 ORDER BY `num` DESC LIMIT 20 [ RunTime:0.001881s ]
SHOW FULL COLUMNS FROM `jrk_member` [ RunTime:0.001161s ]
SELECT `id`,`username`,`userhead`,`usertime` FROM `jrk_member` WHERE `status` = 1 ORDER BY `usertime` DESC LIMIT 10 [ RunTime:0.003567s ]
SHOW FULL COLUMNS FROM `jrk_searchrecords` [ RunTime:0.000985s ]
SELECT * FROM `jrk_searchrecords` WHERE `status` = 1 ORDER BY `num` DESC LIMIT 5 [ RunTime:0.003288s ]
SELECT aid,title,count(aid) as c FROM `jrk_downrecords` GROUP BY `aid` ORDER BY `c` DESC LIMIT 10 [ RunTime:0.015206s ]
SHOW FULL COLUMNS FROM `jrk_articles` [ RunTime:0.001395s ]
UPDATE `jrk_articles` SET `hits` = 1 WHERE `id` = 291540 [ RunTime:0.001378s ]
