Cockpit

Cockpit是CentOS 8内置的一款基于Web的可视化管理工具，对一些常见的命令行管理操作都有界面支持，比如用户管理、防火墙管理、服务器资源监控等，使用非常方便，号称人人可用的Linux管理工具。

（13）隐藏进程

ZwQuerySystemInformation() API，是ntdll的一个函数，它可以获取系统的所有进程信息，并形成一个链表。我们通过任务管理器看到的当前进程信息，就是显示的这个链表信息。修改链表便可以隐藏目标进程，全局钩取所有ZwQuerySystemInformation() API，让目标进程对所有进程查看工具都隐藏。

InjectDll.exe这款dll注入工具，将目标dll注入目标进程。

HideProc.exe这款工具，将目标dll注入当前所有进程。

全局钩取则是将dll注入所有进程，不管这个进程是何时创建的，详细可以看https://mp.weixin.qq.com/s/qvHnOb9uS1cuNup01Wpo4Q

https://mp.weixin.qq.com/s/p4r9hPHnNTK5EKcWIAL8Vw

https://www.baidu.com/baidu.php?url=0s0000aPch_Smgbn9fGANskGWw14k6UZL4ddCFpjOxqlI1ohBUfSXj9azvrD00DZdddSjCd1cU4Ds8HbfZM4hWpIxZ7LsGSioacdjHDT8I9p1js7u5AIXpRSpvCl_CW6lafLo5vF_g8horif7uUQ81Rxu8V3GMgQrMmigrZ12JyaUCvHRmv4qZ5Qp0xoBbXw4rcMLL3-O870-QjMZR3EzmzhA9YE.7Y_NR2Ar5Od66qWtv8Be6wKUKlmRkkqt7jHzk8sHfGmEukmr8a9G4I2UM3PQArZo6CpXy7MHWuxJBmqn2m3S8a9G4mgwRDkRA2n5gKfYtVKnv-W6IPvllQ8Ki_nYQ7X1WvNJ.U1Yk0ZDqIvqzpLIGU6Kspynqn0KY5gIEThVhUAqL0A-V5HczPfKM5yqbXWD0Iybqmh7GuZR0TA-b5HD0mv-b5Hn3PfKVIjYknjDLg1DsnH-xnW0dnNt1nWc3g1nvnjD0pvbqn0KzIjYdn1D0mhbqnHR3g1csP7tdnjn0UynqnHbkrjRsnjbLn7tknjD4g1csPH7xnH0zg100TgKGujYs0Z7Wpyfqn0KzuLw9u1Ys0A7B5HKxn0K-ThTqn6KsTjYs0A4vTjYsQW0snj0snj0s0AdYTjYs0AwbUL0qn0KzpWYs0Aw-IWdsmsKhIjYs0ZKC5H00ULnqn0KBI1Ykn0K8IjYs0ZPl5fK9TdqGuAnqTZnVmhwbX0KGuAnqiDF70ZKCIZbq0Zw9ThI-IjYvndtsg1Tdn0KYIgnqnHRvrHTLrHDYnHTzPWTkPHTzP100ThNkIjYkPWfvPj6sP1bvnHc10ZPGujY4PH01nyP-nj0snH99PhP-0AP1UHdKPj9jwj-Kn1cLnHwarHTY0A7W5HD0TA3qn0KkUgfqn0KkUgnqn0KlIjYs0AdWgvuzUvYqn7tsg1Kxn7ts0Aw9UMNBuNqsUA78pyw15HKxn7tsg1R1rHDdrHuxn0Ksmgwxuhk9u1Ys0AwWpyfqn0K-IA-b5iYk0A71TAPW5H00IgKGUhPW5H00Tydh5H00uhPdIjYs0A-1mvsqn0K9uAu_myTqnfK_uhnqn0KbmvPb5fKYTh7buHYLPH0LnjD0mhwGujYYPHfkPjIjnYR1nWRkf1D3fHTLPYPjnWIjwbNKrjNjw6KEm1Yk0AFY5H00Uv7YI1Ys0AqY5H00ULFsIjYsc10Wc10Wnansc108nj0snj0sc10WnansczYWna3snj0snj0Wni3sn10knjn0XZPYIHYznH6YPW64P6KkgLmqna3zndtsQW0sg108njKxna3sP7tsQW0dg108rj-xna3sndts0AF1gLKzUvwGujYs0ZFEpyu_myTqn0KWIWY0pgPxmLK95H00mL0qn0K-TLfqn0KWThnqnHndnH6&us=newvui&xst=mWYYPHfkPjIjnYR1nWRkf1D3fHTLPYPjnWIjwbNKrjNjw6715HDsP1nLPjRLPW6YrH6knWmznjnsg1czPNts0gTqIvqzpvu_ULTKTHdLULFoIv-80gRqnWD3Pjm3rHmKIjYkPWfvPj6sP1bv0ydk5H0an0cV0yPC5yuWgLKW0ykd5H0Kmv3qmh7GuZRKn1RLn1f4nWcvr0&word=&ck=5834.25.102.316.152.584.206.1493&shh=www.baidu.com&sht=baidu&wd=&bc=110101