admin/TripleCross
1
0
Fork 0
mirror of https://github.com/h3xduck/TripleCross.git synced 2025-12-18 07:53:06 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
0aec74e024f235848e8d709e02288d5fadc8355f
TripleCross/docs/chapters/annex.tex

142 lines
7.1 KiB
TeX
Raw Normal View History

Updated document structure, reformatted multiple chapters, updated chapter and section intros. Separated hardening features into two. Other changes suggested at the meeting,
2022-06-11 13:07:10 -04:00
%----------
% ANEX
%----------
%M-> Mentioned putting some demos and PoCs here...
%
%Including bpftool commands here to be referenced. Is it a good idea?
\chapter* {Appendix A - Bpftool commands} \label{annex:bpftool_flags_kernel}
\pagenumbering{gobble} % Las páginas de los anexos no se numeran
\section*{eBPF-related kernel compilation flags}
\begin{lstlisting}[language=bash]
$ bpftool feature
\end{lstlisting}
\begin{verbatim}
CONFIG_BPF is set to y
CONFIG_BPF_SYSCALL is set to y
CONFIG_HAVE_EBPF_JIT is set to y
CONFIG_BPF_JIT is set to y
CONFIG_BPF_JIT_ALWAYS_ON is set to y
CONFIG_CGROUPS is set to y
CONFIG_CGROUP_BPF is set to y
CONFIG_CGROUP_NET_CLASSID is set to y
CONFIG_SOCK_CGROUP_DATA is set to y
CONFIG_BPF_EVENTS is set to y
CONFIG_KPROBE_EVENTS is set to y
CONFIG_UPROBE_EVENTS is set to y
CONFIG_TRACING is set to y
CONFIG_FTRACE_SYSCALLS is set to y
CONFIG_FUNCTION_ERROR_INJECTION is set to y
CONFIG_BPF_KPROBE_OVERRIDE is set to y
CONFIG_NET is set to y
CONFIG_XDP_SOCKETS is set to y
CONFIG_LWTUNNEL_BPF is set to y
CONFIG_NET_ACT_BPF is set to m
CONFIG_NET_CLS_BPF is set to m
CONFIG_NET_CLS_ACT is set to y
CONFIG_NET_SCH_INGRESS is set to m
CONFIG_XFRM is set to y
CONFIG_IP_ROUTE_CLASSID is set to y
CONFIG_IPV6_SEG6_BPF is set to y
CONFIG_BPF_LIRC_MODE2 is not set
CONFIG_BPF_STREAM_PARSER is set to y
CONFIG_NETFILTER_XT_MATCH_BPF is set to m
CONFIG_BPFILTER is set to y
CONFIG_BPFILTER_UMH is set to m
CONFIG_TEST_BPF is set to m
CONFIG_HZ is set to 250
\end{verbatim}
\chapter* {Appendix B - Readelf commands} \label{annex:readelf_commands}
\pagenumbering{gobble} % Las páginas de los anexos no se numeran
\section*{Section headers in ELF file} \label{annexsec:readelf_sec_headers}
\begin{lstlisting}[language=bash, caption={List of ELF section headers with readelf tool of a program compiled with GCC.}, label={code:elf_sections}]
$ readelf -S simple_timer
There are 36 section headers, starting at offset 0x4120:
Section Headers:
[Nr] Name Type Address Offset
Size EntSize Flags Link Info Align
[ 0] NULL 0000000000000000 00000000
0000000000000000 0000000000000000 0 0 0
[ 1] .interp PROGBITS 0000000000400318 00000318
000000000000001c 0000000000000000 A 0 0 1
[ 2] .note.gnu.pr[...] NOTE 0000000000400338 00000338
0000000000000030 0000000000000000 A 0 0 8
[ 3] .note.gnu.bu[...] NOTE 0000000000400368 00000368
0000000000000024 0000000000000000 A 0 0 4
[ 4] .note.ABI-tag NOTE 000000000040038c 0000038c
0000000000000020 0000000000000000 A 0 0 4
[ 5] .gnu.hash GNU_HASH 00000000004003b0 000003b0
000000000000001c 0000000000000000 A 6 0 8
[ 6] .dynsym DYNSYM 00000000004003d0 000003d0
0000000000000108 0000000000000018 A 7 1 8
[ 7] .dynstr STRTAB 00000000004004d8 000004d8
00000000000000ad 0000000000000000 A 0 0 1
[ 8] .gnu.version VERSYM 0000000000400586 00000586
0000000000000016 0000000000000002 A 6 0 2
[ 9] .gnu.version_r VERNEED 00000000004005a0 000005a0
0000000000000050 0000000000000000 A 7 1 8
[10] .rela.dyn RELA 00000000004005f0 000005f0
0000000000000030 0000000000000018 A 6 0 8
[11] .rela.plt RELA 0000000000400620 00000620
00000000000000c0 0000000000000018 AI 6 24 8
[12] .init PROGBITS 0000000000401000 00001000
000000000000001b 0000000000000000 AX 0 0 4
[13] .plt PROGBITS 0000000000401020 00001020
0000000000000090 0000000000000010 AX 0 0 16
[14] .plt.sec PROGBITS 00000000004010b0 000010b0
0000000000000080 0000000000000010 AX 0 0 16
[15] .text PROGBITS 0000000000401130 00001130
00000000000004c5 0000000000000000 AX 0 0 16
[16] .fini PROGBITS 00000000004015f8 000015f8
000000000000000d 0000000000000000 AX 0 0 4
[17] .rodata PROGBITS 0000000000402000 00002000
00000000000000a5 0000000000000000 A 0 0 8
[18] .eh_frame_hdr PROGBITS 00000000004020a8 000020a8
000000000000004c 0000000000000000 A 0 0 4
[19] .eh_frame PROGBITS 00000000004020f8 000020f8
0000000000000120 0000000000000000 A 0 0 8
[20] .init_array INIT_ARRAY 0000000000403e10 00002e10
0000000000000008 0000000000000008 WA 0 0 8
[21] .fini_array FINI_ARRAY 0000000000403e18 00002e18
0000000000000008 0000000000000008 WA 0 0 8
[22] .dynamic DYNAMIC 0000000000403e20 00002e20
00000000000001d0 0000000000000010 WA 7 0 8
[23] .got PROGBITS 0000000000403ff0 00002ff0
0000000000000010 0000000000000008 WA 0 0 8
[24] .got.plt PROGBITS 0000000000404000 00003000
0000000000000058 0000000000000008 WA 0 0 8
[25] .data PROGBITS 0000000000404058 00003058
0000000000000014 0000000000000000 WA 0 0 8
[26] .bss NOBITS 0000000000404070 0000306c
0000000000000020 0000000000000000 WA 0 0 16
[27] .comment PROGBITS 0000000000000000 0000306c
0000000000000025 0000000000000001 MS 0 0 1
[28] .debug_aranges PROGBITS 0000000000000000 00003091
0000000000000030 0000000000000000 0 0 1
[29] .debug_info PROGBITS 0000000000000000 000030c1
0000000000000295 0000000000000000 0 0 1
[30] .debug_abbrev PROGBITS 0000000000000000 00003356
00000000000000fd 0000000000000000 0 0 1
[31] .debug_line PROGBITS 0000000000000000 00003453
000000000000024d 0000000000000000 0 0 1
[32] .debug_str PROGBITS 0000000000000000 000036a0
00000000000001f5 0000000000000001 MS 0 0 1
[33] .symtab SYMTAB 0000000000000000 00003898
0000000000000480 0000000000000018 34 22 8
[34] .strtab STRTAB 0000000000000000 00003d18
00000000000002a2 0000000000000000 0 0 1
[35] .shstrtab STRTAB 0000000000000000 00003fba
000000000000015f 0000000000000000 0 0 1
Key to Flags:
W (write), A (alloc), X (execute), M (merge), S (strings), I (info),
L (link order), O (extra OS processing required), G (group), T (TLS),
C (compressed), x (unknown), o (OS specific), E (exclude),
l (large), p (processor specific)
\end{lstlisting}
Reference in New Issue Copy Permalink