Linux Kernel module that grants root access credentials to any user-space process by PID
Go to file
Andriy Petrov 29faf5bb06 formatting
2024-04-25 21:56:30 +02:00
.gitignore Initial commit 2024-04-25 21:47:45 +02:00
LICENSE Initial commit 2024-04-25 21:47:45 +02:00
Makefile source 2024-04-25 21:51:18 +02:00
README.md source 2024-04-25 21:51:18 +02:00
sumo.c formatting 2024-04-25 21:56:30 +02:00
whoami.sh source 2024-04-25 21:51:18 +02:00

Sumo is a Linux Kernel module that grants root access credentials to any user-space process by PID.

TL;DR

.bashrc

make                 # build
sudo insmod sumo.ko  # install
./whoami             # test

How it works

In it's init() function, sumo kernel module creates /proc/sumo file and waits for PID to be written. Afterwards, it fetches instance of a task_struct kernel structure associated with the given PID and modifies its values accordingly.

sumo         __        SUdo
         ,;.'--'.      MOdule 
          /"/=,=(
          \(  __/
       ___/    (____
     .'     -  -    '.
    /         v       \
 __/    ,     |    \   '-/'_
{z, ,__/__,__/\__,_ )__(   z}
 \>'   (            \_ `--c/
    _.-'\_      ,   / \_
   (      `.______.'    '.
   \    ,   \    ( __     )
    \    )-'-\__/-'  |   /
     |   |          /  .'
     /  ,)         (   \_
    oooO'           '--Ooo