Commit Graph

13 Commits

Author  SHA1  Message  Date

h3xduck  106f141c7e  Added new kprobe to the filesystem ebpf section. Now receiving read events, and storing them in a map for later use, along with a reference to the user-space memory buffer  2022-01-14 21:18:51 -05:00
h3xduck  193d9ec28f  Fixed the whole header setup, now correctly using the kernel headers instead of normal development ones. Ready to go on with original plan of file system hooking  2022-01-06 13:31:52 -05:00
h3xduck  4882ce790c  [BUILD FAILING] Checkpoint for backup, added new hook for file system, tweaked makefile for real kernel header files inclusion, still not working. Committing for periodic backup  2022-01-05 20:34:53 -05:00
h3xduck  f8774ac9cf  [BUILD IS FAILING] Added file system hooks and other improvements. Uploading because of needing to backup  2022-01-04 20:09:59 -05:00
h3xduck  74873dbca5  Completed configuration module which enables changing the running ebpf modules in the rootkit at runtime. Minor changes and updated code structure  2022-01-04 13:26:13 -05:00
h3xduck  0863566292  Included a global config struct for controlling which hooks and functions of the rootkit should be active. Still work to be done on the bpf side  2021-12-31 09:54:47 -05:00
h3xduck  be9cc95daa  Adapted makefile for user includes and new source files  2021-12-24 06:59:30 -05:00
h3xduck  745ec4e395  Updated project structure, and added new list for the next incoming feature.  2021-12-21 20:08:49 -05:00
h3xduck  a1119894cd  Made it work with an arbitrary length payload. Generalization with constants.h, now the PoC can be used for any shrinking/enlarging value. Discovered a very curious bug  2021-11-27 17:01:10 -05:00
h3xduck  72fddcac62  Finished adapting the code to tcp packets (+ researched a lot about xdp and ebpf, we should be OK with xdps, found a lot of ideas)  2021-11-23 19:55:44 -05:00
h3xduck  b04200526c  Finished xdp ebpf program, successfully showing packets received. Added client from Umbra, it will be the C&C client  2021-11-22 18:58:58 -05:00
h3xduck  23c7331d16  Continued working on first xdp filter, todo make bpf ring buffer work, check udp filter is up and working  2021-11-21 20:00:43 -05:00
h3xduck  53da2d141d  Setup development environment with libbpf  2021-11-20 21:07:23 -05:00