sumo/README.md
Sumo is a Linux kernel module that grants root credentials to any user-space process, selected by PID.
# TL;DR
```bash
make # build
sudo insmod sumo.ko # install
./whoami # test
```
# How it works
In its `init()` function, the *sumo* kernel module creates the `/proc/sumo` file and waits for a PID to be written to it. It then fetches the `task_struct` [kernel structure](https://medium.com/@boutnaru/linux-kernel-task-struct-829f51d97275) associated with that PID and modifies its fields accordingly. The main point of interest is the data stored in the [credentials structure](https://docs.kernel.org/security/credentials.html).
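A detection-side counterpart to the mechanism above, added here and not part of the sumo repository: it parses `/proc/modules` for modules carrying taint flags, decodes the out-of-tree and unsigned bits of `/proc/sys/kernel/tainted`, and checks for the `/proc/sumo` control file. The `/proc/modules` sample is constructed; the `__main__` branch reads the live files on a Linux host.

```python
"""Defender-side check for a loaded sumo-style module: tainted modules in
/proc/modules, taint bits in /proc/sys/kernel/tainted, and the /proc/sumo file.
SAMPLE_MODULES below is constructed, not captured from a real host."""
import os
import re

# Taint bits from the kernel's admin-guide/tainted-kernels documentation
TAINT_OOT_MODULE = 1 << 12       # 'O': an out-of-tree module has been loaded
TAINT_UNSIGNED_MODULE = 1 << 13  # 'E': an unsigned module has been loaded

# /proc/modules line: "name size refcount deps state address [(taint flags)]"
MODULE_RE = re.compile(
    r"^(\S+)\s+(\d+)\s+(\d+)\s+(\S+)\s+(\S+)\s+(\S+)(?:\s+\((\w+)\))?")

def tainted_modules(proc_modules_text):
    """Return {module_name: taint_flags} for every module carrying taint flags."""
    found = {}
    for line in proc_modules_text.splitlines():
        m = MODULE_RE.match(line)
        if m and m.group(7):
            found[m.group(1)] = m.group(7)
    return found

def kernel_taint_flags(tainted_value):
    """Decode the two taint bits that a foreign module like sumo sets."""
    flags = []
    if tainted_value & TAINT_OOT_MODULE:
        flags.append("kernel tainted: out-of-tree module loaded")
    if tainted_value & TAINT_UNSIGNED_MODULE:
        flags.append("kernel tainted: unsigned module loaded")
    return flags

def assess(proc_modules_text, tainted_value, proc_entries):
    """Combine the three signals into a list of human-readable findings."""
    findings = [f"module {name} loaded with taint flags {flags}"
                for name, flags in tainted_modules(proc_modules_text).items()]
    findings.extend(kernel_taint_flags(tainted_value))
    if "sumo" in proc_entries:
        findings.append("/proc/sumo present: sumo control file is exposed")
    return findings

SAMPLE_MODULES = ("ext4 872448 1 - Live 0x0000000000000000\n"
                  "sumo 16384 0 - Live 0x0000000000000000 (OE)\n")

if __name__ == "__main__":  # on a Linux host, inspect the live /proc files
    with open("/proc/modules") as f, open("/proc/sys/kernel/tainted") as t:
        for finding in assess(f.read(), int(t.read()), os.listdir("/proc")):
            print(finding)
```

Unloading the module clears it from `/proc/modules`, but the taint bits stay set until reboot, which is why all three signals are worth checking.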
```text
sumo __ SUdo
,;.'--'. MOdule
/"/=,=(
\( __/
___/ (____
.' - - '.
/ v \
__/ , | \ '-/'_
{z, ,__/__,__/\__,_ )__( z}
\>' ( \_ `--c/
_.-'\_ , / \_
( `.______.' '.
\ , \ ( __ )
\ )-'-\__/-' | /
| | / .'
/ ,) ( \_
oooO' '--Ooo
```