tools
/
out-of-tree
Watch 1
Star 0
Fork 0
Code Releases 8 Activity
out-of-tree kernel {module, exploit} development tool
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
326 Commits
1 Branch
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
dump_stack() f92b4e6640
Add dashboard access token 		2 days ago
.github/workflows Add dashboard access token 2 days ago
config Support custom docker commands 4 months ago
docs Move build from source to documentation 3 weeks ago
examples Fix spelling 5 months ago
qemu Add timeout after start qemu for tests 3 weeks ago
tools Add policykit-1 to rootfs 4 months ago
.gitignore Remove snap support 1 year ago
CHANGELOG.md Bump version 4 weeks ago
LICENSE Change license to GNU AGPLv3 1 year ago
README.md Add note about docker group 3 weeks ago
db.go Refactor [2] 5 months ago
debug.go Fix spelling 5 months ago
gen.go Move upstream to code.dumpstack.io 11 months ago
go.mod Generate markdown table statistics for tag 5 months ago
go.sum Generate markdown table statistics for tag 5 months ago
images.config.go Remove bootstrap, download images on-demand 5 months ago
images.go Remove bootstrap, download images on-demand 5 months ago
kernel.go Should return if error occured 3 weeks ago
kernel_linux.go Exclude host kernel generation for macOS 4 months ago
kernel_macos.go Exclude host kernel generation for macOS 4 months ago
log.go Refactor 5 months ago
main.go Bump version 4 weeks ago
pack.go Add flag for verbose output 2 months ago
pew.go Add flag for verbose output 2 months ago
pew_test.go Use go timers for kill docker by timeout, fixes #12 1 year ago

README.md

Codacy Badge Go Report Card Documentation Status Donate Donate

out-of-tree

out-of-tree kernel {module, exploit} development tool

out-of-tree is for automating some routine actions for creating development environments for debugging kernel modules and exploits, generating reliability statistics for exploits, and also provides the ability to easily integrate into CI (Continuous Integration).

Screenshot

Installation

GNU/Linux (with Nix)

$ curl -fsSL https://get.docker.com | sh
$ sudo usermod -aG docker user && newgrp docker
$ curl https://nixos.org/nix/install | sh
$ nix-env -iA nixpkgs.out-of-tree

Note that adding a user to group docker has serious security implications. Check Docker documentation for more information.

macOS

$ brew cask install docker
$ open --background -a Docker && sleep 1m
$ brew tap jollheef/repo
$ brew install out-of-tree

Read documentation for further info.

Examples

Run by absolute path

$ out-of-tree --path /path/to/exploit/directory pew

Test only with one kernel:

$ out-of-tree pew --kernel='Ubuntu:4.10.0-30-generic'

Run debug environment:

$ out-of-tree debug --kernel='Ubuntu:4.10.0-30-generic'

Test binary module/exploit with implicit defined test ($BINARY_test)

$ out-of-tree pew --binary /path/to/exploit

Test binary module/exploit with explicit defined test

$ out-of-tree pew --binary /path/to/exploit --test /path/to/exploit_test

Guess work kernels:

$ out-of-tree pew --guess

Use custom kernels config

$ out-of-tree --kernels /path/to/kernels.toml pew

Generate all kernels

$ out-of-tree kernel genall --distro Ubuntu --ver 16.04

Troubleshooting

If anything happens that you cannot solve -- just remove $HOME/.out-of-tree.

But it’ll be better if you’ll write the bug report.

Development

Read Qemu API.

Generate images

$ cd $GOPATH/src/code.dumpstack.io/tools/out-of-tree/tools/qemu-debian-img/
$ docker run --privileged -v $(pwd):/shared -e IMAGE=/shared/ubuntu1404.img -e RELEASE=trusty -t gen-ubuntu1804-image
$ docker run --privileged -v $(pwd):/shared -e IMAGE=/shared/ubuntu1604.img -e RELEASE=xenial -t gen-ubuntu1804-image