admin/TripleCross
1
0
Fork 0
mirror of https://github.com/h3xduck/TripleCross.git synced 2025-12-16 07:13:07 +08:00
Code Issues Packages Projects Releases Wiki Activity
232 Commits 1 Branch 1 Tag
master
Commit Graph

232 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
h3xduck
dbdc1cbe9b Merge branch 'master' of https://github.com/h3xduck/TFG 2022-06-20 15:10:35 -04:00
h3xduck
a542bef3b4 Almost completed chapter 6 2022-06-20 15:10:33 -04:00
jet
ad1d8df547 minor edit 2022-06-20 12:02:25 +02:00
h3xduck
5d6619ce40 Finished section 5. Multiple changes in the code according to the performed tests. 2022-06-19 14:35:19 -04:00
h3xduck
bfcbfcfaf2 Added multiple small changes to client and code, submitting almost finished chapter 5 2022-06-18 10:57:10 -04:00
h3xduck
1b766096bf Corrected grammar and spelling mistakes in the whole document 2022-06-17 08:03:26 -04:00
h3xduck
2b719ff0a5 Completed chapter 4 2022-06-16 20:38:15 -04:00
h3xduck
7f4209299c Completed rootkit user space program 2022-06-16 06:35:30 -04:00
h3xduck
e4737b3272 Completed rootkit client and rootkit user program ring buffer 2022-06-15 22:54:20 -04:00
h3xduck
f98f65429b Forgot to modify one appearance of old name 2022-06-15 20:40:18 -04:00
h3xduck
80f334636a Changed the repository (and the rootkit!) name with TripleCross: https://dictionary.cambridge.org/dictionary/english/double-cross. This is 'triple' because it is a BPF program that betrays you at the userspace, at the kernel, and at the network. 2022-06-15 20:33:07 -04:00
h3xduck
75e92445e5 Modified terminal names in the client 2022-06-15 19:09:58 -04:00
h3xduck
bdda5c4269 Modified client options once again for screenshots 2022-06-15 18:42:31 -04:00
h3xduck
b284581712 Further changed some help in the client 2022-06-15 17:48:21 -04:00
h3xduck
081a23a44f Modified the help of the client, this is for making some screenshots 2022-06-15 17:47:00 -04:00
h3xduck
6f2ef04a92 Completed backdoor and c2 section 2022-06-15 15:40:08 -04:00
h3xduck
8f844c748b Completed command and control 2022-06-15 12:45:59 -04:00
h3xduck
f09d6a6989 Continued with c2, bit i didnt like the structure, so it needs to be reformatted 2022-06-14 20:31:57 -04:00
h3xduck
9951f3a3fd Completed execution hijacking, completed first subsection of backdoor 2022-06-14 15:44:21 -04:00
jet
f3a834785a minor change in ch2 2022-06-14 11:36:57 +02:00
jet
473b9af279 ch 3 title change 2022-06-14 11:34:58 +02:00
h3xduck
163f923c55 Continued with execve hijacking. 2022-06-13 22:16:34 -04:00
h3xduck
a1a41b02df Almost completed section about privilege escalation 2022-06-13 15:44:37 -04:00
h3xduck
99ad9c5548 New explanation for the injection technique (alternative scanning process) and added flow diagram with full process. 2022-06-13 10:57:32 -04:00
h3xduck
050684c4d7 Reformatted gitignore and removed some annoying files from cache 2022-06-12 22:50:22 -04:00
h3xduck
71b093141b Further advanced with the library injection, almost finished. Multiple enhancements 2022-06-12 22:34:50 -04:00
h3xduck
0aec74e024 New diagrams, completed rootkit architecture 2022-06-12 08:16:59 -04:00
h3xduck
c14b407644 Added new rootkit overall diagram for architecture section 2022-06-11 22:20:27 -04:00
h3xduck
d7a9b0e777 Updated injection module to ensure shellcode fits in code cave. Added simple reverse shell in injection lib 2022-06-11 18:38:48 -04:00
h3xduck
e697dc867d Updated some style aspects, updated positions of tables and figures, other changes. 2022-06-11 16:32:00 -04:00
h3xduck
e5bb65925d Updated document structure, reformatted multiple chapters, updated chapter and section intros. Separated hardening features into two. Other changes suggested at the meeting, 2022-06-11 13:07:10 -04:00
h3xduck
1595caa8d0 Continued with library injection attack 2022-06-09 22:57:25 -04:00
h3xduck
a46339e912 Finished ROP by jeff dileo 2022-06-08 08:59:32 -04:00
h3xduck
5d67eddfd7 Finished rop explanation 2022-06-07 15:38:42 -04:00
h3xduck
65107f08ae Finished buffer overflow subsection 2022-06-07 12:52:51 -04:00
h3xduck
fd927a7837 Started section about rootkit techniques 2022-06-06 21:53:55 -04:00
h3xduck
92103d234e Finished analysis of offensive capailities (techniques from defcon finally not included, at least for now) 2022-06-06 20:50:28 -04:00
h3xduck
55378027ab Completed memory corruption and continued with networking programs. 2022-06-05 21:20:23 -04:00
h3xduck
3f02cd4996 Continued with memory corruption. Only attacks remaining 2022-06-05 09:01:09 -04:00
h3xduck
d4a881540f Continued with memory corruption study 2022-06-04 08:55:45 -04:00
h3xduck
d184893426 Finished tracing programs part 2022-06-03 21:47:00 -04:00
h3xduck
8bc376e734 Continued with offensive tracing capabilities 2022-06-02 21:07:42 -04:00
h3xduck
2c3648a18a Continued with offensive capabilities, incorporated security features and started with tracing program features 2022-06-02 19:00:10 -04:00
h3xduck
5d5aafb46d Finished SotA 2022-05-28 09:23:41 -04:00
h3xduck
62e8e68dd5 Almost finished with SotA section. libbpf remains too get llvm and some functionality explained. 2022-05-27 20:56:36 -04:00
h3xduck
74e8163791 Continued with eBPF program types 2022-05-26 21:47:28 -04:00
h3xduck
47be741f04 Finished core eBPF section 2022-05-26 15:21:00 -04:00
h3xduck
079601ec22 Completed ebpf verifier 2022-05-26 08:39:45 -04:00
h3xduck
a99c3e0f7d Continued with architecture, finished JIT, remodelled the second section of sSOTA 2022-05-25 22:00:28 -04:00
h3xduck
706198f95b Elaborated on ebpf architecture. Incoming explanation of JIT compiling 2022-05-24 20:53:00 -04:00