admin/TripleCross
1
0
Fork 0
mirror of https://github.com/h3xduck/TripleCross.git synced 2026-01-02 14:33:07 +08:00
Code Issues Packages Projects Releases Wiki Activity
67 Commits 1 Branch 1 Tag
748062f464247181a7ed8d70bd00af260b451b1a
Commit Graph

21 Commits

Author SHA1 Message Date
h3xduck
748062f464 Adapted memory analysis to larger memory addresses inside the virtual address space. Solved bugs and others, adapting code for RELRO. 2022-04-04 17:07:45 -04:00
h3xduck
8f28c3a883 Updated helpers and added resources to help with lib injection 2022-03-24 15:40:05 -04:00
h3xduck
9dff5e71dc Included offset and extraction of interesting functions 2022-03-17 21:41:40 -04:00
h3xduck
0fbcb8bdf7 Fixed probe not probing correct syscall entry 2022-03-17 19:36:25 -04:00
h3xduck
fcf43ff180 Finished extraction of return address from the stack, and libc syscall adress 2022-03-17 19:32:32 -04:00
h3xduck
9647972531 Finished extraction of stack return address 2022-03-17 13:18:19 -04:00
h3xduck
671e2d671d Added extraction of original jump instruction and opcodes 2022-03-15 18:36:59 -04:00
h3xduck
0c88d5baa9 Successfully added uprobes calculation and hooking at arbitrary function of execve_hijack. 2022-03-03 05:53:51 -05:00
h3xduck
e64839f080 Added new libc symbols extraction 2022-03-02 19:00:50 -05:00
h3xduck
805fa760cf Corrected issues of opening directories without permission in execve helper 2022-02-24 19:53:11 -05:00
h3xduck
b182ac1eeb Added new TC module, updates to the exec hooking system and the userland module 2022-02-20 16:50:15 -05:00
h3xduck
1ec4ed8486 Now the execve hijacker works without needing a canalizer. Removed it. Also some additional tweaks to the c&c launching of the helper 2022-02-19 11:57:32 -05:00
h3xduck
130364e6ab Added support for integrating the execution hijacker via the rootkit. Still some work to do, also changed some config from fs which needs to be reverted 2022-02-18 09:08:54 -05:00
h3xduck
0e022a8385 Completed execution of arbitrary commands sent from the backdoor client 2022-02-18 04:06:18 -05:00
h3xduck
b68e01c057 Finished pseudo-connection between client and rootkit backdoor. Updated library to latest version. 2022-02-18 03:32:07 -05:00
h3xduck
9a47a2b15a Completed client integration with new c&c module. 2022-02-17 06:21:09 -05:00
h3xduck
431a019931 Updated my RawTCPLib library with newest version supporting sniffing for payloads. Also new data in preparation for complete RCE module 2022-02-16 19:38:39 -05:00
h3xduck
2ae705f037 Added new map structure, in preparation for new internal maps storing requested commands via the network backdoor 2022-02-14 20:08:30 -05:00
h3xduck
edbaf09c06 Completed execve hijacking, as with special error cases that arise and that are documented in the code. 2022-02-14 17:45:07 -05:00
h3xduck
044c85f3ff Initial version of the RCE scheme- Added complete execve hook, helper and modifying capabilities for the filename called. Works still needs to be done 2022-02-06 14:15:57 -05:00
h3xduck
05baa8fb8a Added new helper program to be used with the execve hijacking module 2022-02-05 19:00:25 -05:00