
Add example kernel exploit skeleton

timestamps
dump_stack() 2018-10-07 12:08:00 +00:00
parent 97842d8753
commit 6991877493
5 changed files with 59 additions and 0 deletions


@ -0,0 +1,12 @@
# out-of-tree configuration file
# docs at https://out-of-tree.io
name = "out-of-tree exploit example"
type = "exploit"
[[supported_kernels]]
# Can be Ubuntu/CentOS/Debian/etc.
distro_type = "Ubuntu"
# regex for `uname -r`
# See also: regex-golang.appspot.com
# stupid way to generate: $ echo '4.4.0-('$(seq 44 | xargs echo | sed 's/ /|/g')')-.*'
release_mask = "4.4.0-(1|2|3|4|5|6|7|8|9|10|11|12|13|14|15|16|17|18|19|20|21|22|23|24|25|26|27|28|29|30|31|32|33|34|35|36|37|38|39|40|41|42|43|44)-.*"
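Review bot: The dots in `release_mask` are unescaped regex metacharacters, so `4.4.0` also matches any character in those positions, and nothing visible in this commit shows whether out-of-tree anchors the pattern against the full `uname -r` string. If the match is unanchored, a release string that merely contains the pattern would also be selected, and the test would then run against a kernel it was not written for. A TOML literal string with escaped dots, explicit anchors and a numeric range would be tighter and easier to read than the 44-way alternation: `release_mask = '^4\.4\.0-([1-9]|[1-3][0-9]|4[0-4])-.*$'`.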


@ -0,0 +1,8 @@
#include <stdio.h>
#include <stdlib.h>
int main(int argc, char **argv)
{
/* TODO http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-5195 */
return EXIT_FAILURE;
}


@ -0,0 +1,8 @@
#include <stdio.h>
#include <stdlib.h>
int main(int argc, char **argv)
{
/* TODO run exploit and create file with it */
return EXIT_FAILURE;
}
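Review bot: The test stub ignores `argc`/`argv`, although the Makefile comment in this same commit says TARGET_TEST must accept two arguments (the path to the binary under test and the file whose creation is checked). Validating the argument count up front, `if (argc != 3) { fprintf(stderr, "usage: %s <binary> <file>\n", argv[0]); return EXIT_FAILURE; }`, and a header comment stating that contract would keep the harness from being run with missing paths once the TODO is filled in. As written, `<stdio.h>` is included but unused.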


@ -0,0 +1,26 @@
# out-of-tree called make with four arguments:
# - KERNEL: kernel headers path
# - TARGET_EXPLOIT: name of exploit binary that MUST be produced by makefile.
# - TARGET_TEST: name of test binary that MUST be produced by makefile
# and it's will be runned on a LPE stage. TARGET_TEST MUST accept two argument:
# - Path to exploit binary
# - File that MUST be created with exploit. It uses for test that exploit works
# correctly.
# - VMLINUZ: path to vmlinuz
#
# e.g.:
# make KERNEL=/lib/modules/4.8.0-58-generic/build \
# TARGET_EXPLOIT=nyan-exploit \
# TARGET_TEST=nyan-exploit-test
# VMLINUZ=/boot/vmlinuz-4.8.0-58-generic
TARGET := CVE-2016-5195
TARGET_TEST := CVE-2016-5195_test
all:
gcc CVE-2016-5195.c -o $(TARGET_EXPLOIT)
gcc CVE-2016-5195_test.c -o $(TARGET_TEST)
clean:
rm -f $(TARGET_EXPLOIT)
rm -f $(TARGET_TEST)
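Review bot: The recipes write to `$(TARGET_EXPLOIT)`, but the file only defines `TARGET`, so a plain `make` expands the first line to `gcc CVE-2016-5195.c -o` with no output name and fails; the build only works when the caller passes TARGET_EXPLOIT. Rename the default to `TARGET_EXPLOIT := CVE-2016-5195`, add `.PHONY: all clean` so a stray file named `all` or `clean` cannot mask the targets, and use `$(CC)` rather than a hard-coded `gcc`. The usage example in the header comment is also missing a trailing `\` after `TARGET_TEST=nyan-exploit-test`, so the `VMLINUZ=` line would run as a separate shell command if the example were pasted. `KERNEL` and `VMLINUZ` are documented as inputs but not used by any rule shown here.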


@ -0,0 +1,5 @@
# out-of-tree kernel exploit example
Implements CVE-2016-5195 and tests for it.
See .out-of-tree.toml