out-of-tree kernel {module, exploit} development tool
# [out-of-tree](https://out-of-tree.io)

out-of-tree kernel {module, exploit} development tool

out-of-tree automates routine tasks: creating development environments for debugging kernel modules and exploits, and generating reliability statistics for exploits. It can also be easily integrated into CI (Continuous Integration).

![Screenshot](https://cloudflare-ipfs.com/ipfs/Qmb88fgdDjbWkxz91sWsgmoZZNfVThnCtj37u3mF2s3T3T)

## Requirements

[Qemu](https://www.qemu.org), [docker](https://docker.com) and [golang](https://golang.org) are required.

Also, do not forget to set GOPATH and PATH, e.g.:

```
$ echo 'export GOPATH=$HOME' >> ~/.bashrc
$ echo 'export PATH=$PATH:$HOME/bin' >> ~/.bashrc
$ source ~/.bashrc
```

### Gentoo

```
# emerge app-emulation/qemu app-emulation/docker dev-lang/go
```

### macOS

```
$ brew install go qemu
$ brew cask install docker
```

### Fedora

```
$ sudo dnf install go qemu moby-engine
```

Also check out the [docker post-installation steps](https://docs.docker.com/install/linux/linux-postinstall/).

## Build from source

```
$ go get -u code.dumpstack.io/tools/out-of-tree
```

Then you can try it out on the kernel module example:

```
$ cd $GOPATH/src/code.dumpstack.io/tools/out-of-tree/examples/kernel-module
$ out-of-tree kernel autogen # generate kernels based on .out-of-tree.toml
$ out-of-tree pew
```

## Examples

Run by absolute path:

```
$ out-of-tree --path /path/to/exploit/directory pew
```

Test with only one kernel:

```
$ out-of-tree pew --kernel='Ubuntu:4.10.0-30-generic'
```

Run the debug environment:

```
$ out-of-tree debug --kernel='Ubuntu:4.10.0-30-generic'
```

Test a binary module/exploit with an implicitly defined test ($BINARY_test):

```
$ out-of-tree pew --binary /path/to/exploit
```

Test a binary module/exploit with an explicitly defined test:

```
$ out-of-tree pew --binary /path/to/exploit --test /path/to/exploit_test
```

Guess working kernels:

```
$ out-of-tree pew --guess
```

Use a custom kernels config:

```
$ out-of-tree --kernels /path/to/kernels.toml pew
```

Generate all kernels:

```
$ out-of-tree kernel genall --distro Ubuntu --ver 16.04
```

## Troubleshooting

If anything happens that you cannot solve, just remove `$HOME/.out-of-tree`.

But it would be better if you wrote a bug report.

## Development

Read [Qemu API](qemu/README.md).

### Generate images

```
$ cd $GOPATH/src/code.dumpstack.io/tools/out-of-tree/tools/qemu-debian-img/
$ docker run --privileged -v $(pwd):/shared -e IMAGE=/shared/ubuntu1404.img -e RELEASE=trusty -t gen-ubuntu1804-image
$ docker run --privileged -v $(pwd):/shared -e IMAGE=/shared/ubuntu1604.img -e RELEASE=xenial -t gen-ubuntu1804-image
```