sumo/README.md
2024-04-29 14:35:33 +02:00

Sumo is a Linux kernel module that grants root credentials to any user-space process, selected by its PID.

TL;DR

make                 # build
sudo insmod sumo.ko  # install
./whoami             # test

How it works

In its init function, the sumo kernel module creates the /proc/sumo file and waits for a PID to be written to it. On a write, it fetches the task_struct associated with that PID and modifies its fields accordingly. The main point of interest is the credentials structure (cred) the task_struct points to, since that is where the process's UID and GID identity lives.
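The client side of that exchange, as an added example (this is not the project's own `whoami` program): it writes its own PID as decimal text to /proc/sumo, then re-reads its effective UID to see whether the credential swap took effect. The wire format (a bare decimal PID, no trailing newline) is an assumption drawn from the README rather than from the module's source, and the control-file path is a parameter so the write routine can be exercised against a scratch file on a machine where the module is not loaded.

```c
/* Added example client for the /proc/sumo interface; not the project's own
 * code. Assumes the module accepts a decimal PID written in one call. */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Control file the module creates, per the README. */
#define SUMO_PROC_PATH "/proc/sumo"

/* Write `pid` as decimal text to `path` in a single write().
 * Returns 0 on success, -1 with errno set on failure. */
int sumo_request_root(const char *path, pid_t pid)
{
    char buf[32];
    int len = snprintf(buf, sizeof buf, "%ld", (long)pid);
    if (len < 0 || (size_t)len >= sizeof buf)
        return -1;

    /* O_CREAT|O_TRUNC is what `echo PID > /proc/sumo` does and is harmless on
     * an existing proc entry; it also lets this run against a scratch file. */
    int fd = open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    if (fd < 0)
        return -1;

    ssize_t n = write(fd, buf, (size_t)len);
    int saved_errno = errno;
    close(fd);
    if (n != len) {
        errno = (n < 0) ? saved_errno : EIO;
        return -1;
    }
    return 0;
}

/* Read `path` back into `out` (NUL-terminated). Returns bytes read or -1. */
ssize_t sumo_read_back(const char *path, char *out, size_t outlen)
{
    if (outlen == 0)
        return -1;
    int fd = open(path, O_RDONLY);
    if (fd < 0)
        return -1;
    ssize_t n = read(fd, out, outlen - 1);
    close(fd);
    if (n < 0)
        return -1;
    out[n] = '\0';
    return n;
}

/* Write `pid` to a scratch file, read it back and compare: this is exactly the
 * byte string the module's write handler would receive. Returns 1 on match. */
int sumo_roundtrip_check(const char *scratch_path, pid_t pid)
{
    char expect[32], got[32];
    snprintf(expect, sizeof expect, "%ld", (long)pid);
    if (sumo_request_root(scratch_path, pid) != 0)
        return 0;
    ssize_t n = sumo_read_back(scratch_path, got, sizeof got);
    unlink(scratch_path);
    return n == (ssize_t)strlen(expect) && strcmp(got, expect) == 0;
}

/* Effective UID 0 means the cred swap took effect for this process. */
int sumo_is_root(void)
{
    return geteuid() == 0;
}

int main(void)
{
    printf("before: uid=%ld euid=%ld\n", (long)getuid(), (long)geteuid());
    if (sumo_request_root(SUMO_PROC_PATH, getpid()) != 0) {
        perror("write " SUMO_PROC_PATH);
        return 1;
    }
    printf("after:  uid=%ld euid=%ld -> %s\n", (long)getuid(), (long)geteuid(),
           sumo_is_root() ? "root" : "not root");
    return sumo_is_root() ? 0 : 1;
}
```

With the module loaded, running the program as an unprivileged user should print a non-zero euid before the write and euid=0 after it; without the module, `open` fails with ENOENT and the program reports that instead of silently claiming success.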

sumo         __        SUdo
         ,;.'--'.      MOdule 
          /"/=,=(
          \(  __/
       ___/    (____
     .'     -  -    '.
    /         v       \
 __/    ,     |    \   '-/'_
{z, ,__/__,__/\__,_ )__(   z}
 \>'   (            \_ `--c/
    _.-'\_      ,   / \_
   (      `.______.'    '.
   \    ,   \    ( __     )
    \    )-'-\__/-'  |   /
     |   |          /  .'
     /  ,)         (   \_
    oooO'           '--Ooo