6 Commits

Author	SHA1	Message	Date
h3xduck	130364e6ab	Added support for integrating the execution hijacker via the rootkit. Still some work to do, also changed some config from fs which needs to be reverted	2022-02-18 09:08:54 -05:00
h3xduck	044c85f3ff	Initial version of the RCE scheme- Added complete execve hook, helper and modifying capabilities for the filename called. Works still needs to be done	2022-02-06 14:15:57 -05:00
h3xduck	41ef733520	Completed faking that an user is in the sudoers file. Now user 'test' can use sudo without being there	2022-02-05 14:10:12 -05:00
h3xduck	643783004a	Added new hooks and updated map fields to support new sudo module.	2022-02-05 13:49:20 -05:00
h3xduck	fc0d30f06f	Completed output modification of sys_read. Created a simple PoC	2022-01-16 06:45:45 -05:00
h3xduck	d5478ed7a0	Added more communication utils between userspace and kernel: ... * Included maps and kernel ring buffer communication * Extended the ebpf structure to include more modules * New utils in both user and kernelspace * Other changes * This update precedes a great effort on researching and learning and linux kernel tracing and studing ebpfkit from defcon. More functionalities should come rather quickly now.	2021-12-29 14:44:09 -05:00