admin/TripleCross
1
0
Fork 0
mirror of https://github.com/h3xduck/TripleCross.git synced 2025-12-16 15:23:07 +08:00
Code Issues Packages Projects Releases Wiki Activity
207 Commits 1 Branch 1 Tag
6bada1844e1c68e7d0ec4d6322940c1f023e4eea
Commit Graph

207 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
h3xduck
71b093141b Further advanced with the library injection, almost finished. Multiple enhancements 2022-06-12 22:34:50 -04:00
h3xduck
0aec74e024 New diagrams, completed rootkit architecture 2022-06-12 08:16:59 -04:00
h3xduck
c14b407644 Added new rootkit overall diagram for architecture section 2022-06-11 22:20:27 -04:00
h3xduck
d7a9b0e777 Updated injection module to ensure shellcode fits in code cave. Added simple reverse shell in injection lib 2022-06-11 18:38:48 -04:00
h3xduck
e697dc867d Updated some style aspects, updated positions of tables and figures, other changes. 2022-06-11 16:32:00 -04:00
h3xduck
e5bb65925d Updated document structure, reformatted multiple chapters, updated chapter and section intros. Separated hardening features into two. Other changes suggested at the meeting, 2022-06-11 13:07:10 -04:00
h3xduck
1595caa8d0 Continued with library injection attack 2022-06-09 22:57:25 -04:00
h3xduck
a46339e912 Finished ROP by jeff dileo 2022-06-08 08:59:32 -04:00
h3xduck
5d67eddfd7 Finished rop explanation 2022-06-07 15:38:42 -04:00
h3xduck
65107f08ae Finished buffer overflow subsection 2022-06-07 12:52:51 -04:00
h3xduck
fd927a7837 Started section about rootkit techniques 2022-06-06 21:53:55 -04:00
h3xduck
92103d234e Finished analysis of offensive capailities (techniques from defcon finally not included, at least for now) 2022-06-06 20:50:28 -04:00
h3xduck
55378027ab Completed memory corruption and continued with networking programs. 2022-06-05 21:20:23 -04:00
h3xduck
3f02cd4996 Continued with memory corruption. Only attacks remaining 2022-06-05 09:01:09 -04:00
h3xduck
d4a881540f Continued with memory corruption study 2022-06-04 08:55:45 -04:00
h3xduck
d184893426 Finished tracing programs part 2022-06-03 21:47:00 -04:00
h3xduck
8bc376e734 Continued with offensive tracing capabilities 2022-06-02 21:07:42 -04:00
h3xduck
2c3648a18a Continued with offensive capabilities, incorporated security features and started with tracing program features 2022-06-02 19:00:10 -04:00
h3xduck
5d5aafb46d Finished SotA 2022-05-28 09:23:41 -04:00
h3xduck
62e8e68dd5 Almost finished with SotA section. libbpf remains too get llvm and some functionality explained. 2022-05-27 20:56:36 -04:00
h3xduck
74e8163791 Continued with eBPF program types 2022-05-26 21:47:28 -04:00
h3xduck
47be741f04 Finished core eBPF section 2022-05-26 15:21:00 -04:00
h3xduck
079601ec22 Completed ebpf verifier 2022-05-26 08:39:45 -04:00
h3xduck
a99c3e0f7d Continued with architecture, finished JIT, remodelled the second section of sSOTA 2022-05-25 22:00:28 -04:00
h3xduck
706198f95b Elaborated on ebpf architecture. Incoming explanation of JIT compiling 2022-05-24 20:53:00 -04:00
h3xduck
820c9f9401 Fixed some diagrams 2022-05-23 08:47:39 -04:00
h3xduck
a27543a7a6 Completed bpf in the history section 2022-05-23 07:08:46 -04:00
h3xduck
c29a99e03f ALmost completed cbpf explantion 2022-05-23 06:17:21 -04:00
h3xduck
23d6bbd3ed Continued with classic bpf explanations 2022-05-22 19:57:47 -04:00
h3xduck
cdaed83d1a Continued with ebpf history 2022-05-22 10:04:16 -04:00
h3xduck
3ec9175053 Continued with the state of the art section 2022-05-22 08:19:32 -04:00
h3xduck
d161a29020 Included some comments on next work 2022-05-21 20:56:00 -04:00
h3xduck
3f2b426c98 Completed the objectives section. Skipping the rest of the chapter 2022-05-21 19:43:51 -04:00
h3xduck
61d141bbb6 Went on with the objectives section 2022-05-21 16:56:05 -04:00
h3xduck
b1933069ae Completed motivation 2022-05-20 22:58:33 -04:00
h3xduck
2065c2e131 Added partial motivation section 2022-05-20 21:20:24 -04:00
h3xduck
3e697dd4cf Fixed a bug where tcpport mode in the multi-packet backdoor did not work if a previous trigger using seqnum mode was made 2022-05-18 12:45:35 -04:00
h3xduck
104f4c0355 Added obfuscation for the persistance access using cron 2022-05-16 17:34:21 -04:00
h3xduck
ccd518287a Added new deployer for preparing final files, messed up with the phantom shell, sometimes gives errors, but I don't think we can do much, the shared maps together with multi-hooks on network has some unexpected behaviours 2022-05-16 16:33:12 -04:00
h3xduck
757a480de9 Completed work on deployer, previous to cron persistence 2022-05-16 12:52:25 -04:00
h3xduck
82fa056955 Added hide directory capabilities for the rootkit 2022-05-16 11:24:59 -04:00
h3xduck
4044d7994c Added sys_openat for the injection module, fully working! 2022-05-16 08:02:38 -04:00
h3xduck
abc501d4be Merge branch 'develop' 2022-05-15 20:49:09 -04:00
h3xduck
78b3132687 Updated some files for eveything to work now that it is all together. Execve hijacker and clients in particular 2022-05-15 20:47:58 -04:00
h3xduck
4a292f0f7a Merged master and develop, now all changes together. Fully tested and working. 2022-05-15 20:46:35 -04:00
h3xduck
57f3edd8fa Fixed bug in client getting local ip 2022-05-15 19:09:04 -04:00
h3xduck
6e76e1ed1a Solved an error in client ip config 2022-05-15 18:08:14 -04:00
h3xduck
ce3b267d01 Fixed phantom shell, added ips for all types of backdoor triggers so that we can use different interfaces 2022-05-15 16:45:47 -04:00
h3xduck
e6cbe7c24a Updated client to work with multiple network interfaces 2022-05-15 15:15:43 -04:00
h3xduck
d509f20974 Completed command passing for phantom shell 2022-05-15 14:44:16 -04:00