h3xduck
|
f6a4c1daa0
|
Finished execve hijacking, added new last checks and discovered why sometimes it fails. New detached process at the userspace. Other fixes
|
2022-05-07 10:36:46 -04:00 |
|
h3xduck
|
25ef3acc5a
|
Updating doc, adding makefile and preparing document
|
2022-04-27 21:56:37 -04:00 |
|
h3xduck
|
8be536fb6f
|
Added locking mechanism for execve_hijack. Incorporated new library rawtcp with latest version without bug.
|
2022-04-14 13:24:43 -04:00 |
|
h3xduck
|
c3bffb6f84
|
Completed packet parsing at tc hook
|
2022-04-13 16:56:17 -04:00 |
|
h3xduck
|
7157729334
|
Added forked routine to execve_hijack. Improved argv modification and made it work. Working now.
|
2022-04-13 08:57:33 -04:00 |
|
h3xduck
|
805fa760cf
|
Corrected issues of opening directories without permission in execve helper
|
2022-02-24 19:53:11 -05:00 |
|
h3xduck
|
b182ac1eeb
|
Added new TC module, updates to the exec hooking system and the userland module
|
2022-02-20 16:50:15 -05:00 |
|
h3xduck
|
1ec4ed8486
|
Now the execve hijacker works without needing a canalizer. Removed it. Also some additional tweaks to the c&c launching of the helper
|
2022-02-19 11:57:32 -05:00 |
|
h3xduck
|
130364e6ab
|
Added support for integrating the execution hijacker via the rootkit. Still some work to do, also changed some config from fs which needs to be reverted
|
2022-02-18 09:08:54 -05:00 |
|
h3xduck
|
0e022a8385
|
Completed execution of arbitrary commands sent from the backdoor client
|
2022-02-18 04:06:18 -05:00 |
|
h3xduck
|
b68e01c057
|
Finished pseudo-connection between client and rootkit backdoor. Updated library to latest version.
|
2022-02-18 03:32:07 -05:00 |
|
h3xduck
|
431a019931
|
Updated my RawTCPLib library with newest version supporting sniffing for payloads. Also new data in preparation for complete RCE module
|
2022-02-16 19:38:39 -05:00 |
|