djmil/sumo
djmil/sumo
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
fe03298689
sumo/README.md
Andriy Petrov fe03298689 credentials link
2024-04-25 22:05:17 +02:00

35 lines
1.1 KiB
Markdown
Raw Blame History

Sumo is a Linux Kernel module that grants root access credentials to any user-space process by PID.
# TL;DR
*.bashrc*
```bash
make # build
sudo insmod sumo.ko # install
./whoami # test
```
# How it works
In it's `init()` function, *sumo* kernel module creates `/proc/sumo` file and waits for PID to be written. Afterwards, it fetches instance of a `task_struct` [kernel structure](https://medium.com/@boutnaru/linux-kernel-task-struct-829f51d97275) associated with the given PID and modifies its values accordingly. The main point of interest is the data stored in [credentials structure](https://docs.kernel.org/security/credentials.html).
```text
sumo __ SUdo
,;.'--'. MOdule
/"/=,=(
\( __/
___/ (____
.' - - '.
/ v \
__/ , | \ '-/'_
{z, ,__/__,__/\__,_ )__( z}
\>' ( \_ `--c/
_.-'\_ , / \_
( `.______.' '.
\ , \ ( __ )
\ )-'-\__/-' | /
| | / .'
/ ,) ( \_
oooO' '--Ooo
```
Reference in New Issue View Git Blame Copy Permalink