1
0
Fork 0
out-of-tree kernel {module, exploit} development tool
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
Go to file
dump_stack() a0ee660e50
Add artifact config flag
7 days ago
.github/workflows Fix package name 2 weeks ago
config Add alecthomas/kong support for config 1 week ago
docs Move build from source to documentation 3 years ago
examples Use upstream lkrg 2 years ago
qemu Switch to Ubuntu 22.04 for testing 3 weeks ago
tools Switch to Ubuntu 22.04 for testing 3 weeks ago
.gitignore Ignore binary 2 weeks ago
CHANGELOG.md Add artifact config flag 7 days ago
LICENSE Change license to GNU AGPLv3 4 years ago
README.md Switch to Ubuntu 22.04 for testing 3 weeks ago
db.go Show last log if no ID specified 3 years ago
debug.go Refactor command line interface 1 week ago
gen.go Refactor command line interface 1 week ago
go.mod Add alecthomas/kong support for config 1 week ago
go.sum Add alecthomas/kong support for config 1 week ago
images.config.go Remove bootstrap, download images on-demand 4 years ago
images.go Remove bootstrap, download images on-demand 4 years ago
kernel.go Add missing flags, refactor 1 week ago
kernel_linux.go Exclude host kernel generation for macOS 3 years ago
kernel_macos.go Exclude host kernel generation for macOS 3 years ago
log.go Refactor command line interface 1 week ago
main.go Refactor command line interface 1 week ago
pack.go Add missing flags, refactor 1 week ago
pew.go Add artifact config flag 7 days ago
pew_test.go Use go timers for kill docker by timeout, fixes #12 4 years ago
preload.go Refactor command line interface 1 week ago
shell.nix Add shell.nix 3 weeks ago

README.md

Codacy Badge Go Report Card Documentation Status

out-of-tree

out-of-tree kernel {module, exploit} development tool

out-of-tree is for automating some routine actions for creating development environments for debugging kernel modules and exploits, generating reliability statistics for exploits, and also provides the ability to easily integrate into CI (Continuous Integration).

Screenshot

Installation

GNU/Linux (with Nix)

$ curl -fsSL https://get.docker.com | sh
$ sudo usermod -aG docker user && newgrp docker
$ curl -L https://nixos.org/nix/install | sh
$ nix-env -iA nixpkgs.out-of-tree

Note that adding a user to group docker has serious security implications. Check Docker documentation for more information.

macOS

$ brew cask install docker
$ open --background -a Docker && sleep 1m
$ brew tap jollheef/repo
$ brew install out-of-tree

Read documentation for further info.

Examples

Run by absolute path

$ out-of-tree --path /path/to/exploit/directory pew

Test only with one kernel:

$ out-of-tree pew --kernel='Ubuntu:5.4.0-29-generic

Run debug environment:

$ out-of-tree debug --kernel='Ubuntu:5.4.0-29-generic

Test binary module/exploit with implicit defined test ($BINARY_test)

$ out-of-tree pew --binary /path/to/exploit

Test binary module/exploit with explicit defined test

$ out-of-tree pew --binary /path/to/exploit --test /path/to/exploit_test

Guess work kernels:

$ out-of-tree pew --guess

Use custom kernels config

$ out-of-tree --kernels /path/to/kernels.toml pew

Generate all kernels

$ out-of-tree kernel genall --distro Ubuntu --ver 22.04

Development

Read Qemu API.