r00t!x worm in action! [Inspired by STUXNET]

DISCLAIMER

The worm was created for the purpose of proof of concept only. The Rootix worm was never intended for malicious reasons, but only for educational purposes. The source code of the r00t!x worm is developed by M U Suraj (#r00t) and the code to this worm will never be made public. The following video is just a proof-of-concept video of the worm in action on my own network under my own risk.

INTRO

Stuxnet is a malicious computer worm which had an array of capabilities like nothing ever before. I was inspired by the creation and wanted to gain knowledge, so I made a small version of it and named it “r00t!x”.

(WHY r00t!x? => because it starts with my alias, lol)

WORM’S STRUCTURE AND INFECTION METHODS

The worm propagates via a remote exploit for a custom server (made for p0c) and also via SSH. The worm can infect Linux, Windows and Android, and establishes a backdoor for later use (by the attacker or the worm itself). Its main feature is a complex rootkit, loaded only on Linux machines as a device driver, which manipulates the GPIO function calls. The control is sent to a C&C server running on the attacker’s machine.

PAYLOADS: JS injection, backdoor (all 3 operating systems), theft of the entire info of the Android device (contacts, messages, pattern crack, etc.), RPi GPIO manipulation (similar to STUXNET overriding the PLCs controlling nuclear centrifuges and blowing them up).

Here is the proof-of-concept video…

 

More info:

-> INTRO on STUXNET: https://www.youtube.com/watch?v=7g0pi4J8auQ/

-> Ralph Langner TED Talk: https://www.youtube.com/watch?v=CS01Hmjv1pQ/

-> STUXNET Demo : https://www.youtube.com/watch?v=cf0jlzVCyOI/

 

 

 

 
