Ecosyste.ms: Issues
An open API service for providing issue and pull request metadata for open source projects.
GitHub / h3xduck/TripleCross issues and pull requests
#52 - src/Makefile: Fix #41 and #48 in compiling
Pull Request -
State: open - Opened by void0red 6 months ago
#51 - error: unknown target triple 'bpf', please use -triple or -arch
Issue -
State: open - Opened by homelanmder about 1 year ago
#50 - Verifier issue when running XDP module
Issue -
State: closed - Opened by h3xduck over 1 year ago
- 1 comment
Labels: bug, verifier issue
#49 - Permission Denied: classifier_egress not load
Issue -
State: closed - Opened by brielino over 1 year ago
- 10 comments
Labels: wontfix, port, verifier issue
#48 - make with libbpf 1.0.1: undefined reference to `bpf_get_link_xdp_id'
Issue -
State: open - Opened by tstromberg almost 2 years ago
- 1 comment
#47 - libssl.so.1.1: cannot open shared object file: No such file or directory
Issue -
State: closed - Opened by yaunsky almost 2 years ago
#46 - Cannot injector to victim with -c option
Issue -
State: open - Opened by tarihub almost 2 years ago
- 5 comments
Labels: bug, network
#45 - When run deploy.sh, i meet loadbpf: load bpf program failed: Permission denied.
Issue -
State: open - Opened by woodyu995 about 2 years ago
#44 - Library injection path error: Segfault simple_timer and simple_open
Issue -
State: open - Opened by h3xduck about 2 years ago
- 5 comments
Labels: bug, enhancement
#43 - Makefile 102row -lbpf? how do i install it
Issue -
State: open - Opened by kay6666 about 2 years ago
- 3 comments
Labels: build issue
#42 - user/kit.c:395:40: error: ‘XDP_FLAGS_REPLACE’ undeclared (first use in this function)
Issue -
State: closed - Opened by pythonmandev about 2 years ago
- 1 comment
Labels: build issue
#41 - TC program compilation __stack_chk_fail not supported
Issue -
State: closed - Opened by h3xduck about 2 years ago
- 4 comments
Labels: bug, build issue
#40 - segmentation fault when execute_command and the stack overflow caused by parameters
Issue -
State: closed - Opened by firmianay about 2 years ago
- 5 comments
Labels: security
#39 - make all error~
Issue -
State: closed - Opened by 0x7e-1sq about 2 years ago
- 12 comments
Labels: bug, HIGH PRIORITY, build issue
#38 - Enhancement: try to hide used space from df and other userspace tools
Issue -
State: open - Opened by osevan about 2 years ago
Labels: enhancement, research
#37 - Backdoor update
Pull Request -
State: closed - Opened by h3xduck over 2 years ago
#36 - Use openssl to create secure channel connections
Issue -
State: closed - Opened by h3xduck over 2 years ago
Labels: enhancement, network
#35 - Scanning and writing module at processes memory
Issue -
State: closed - Opened by h3xduck over 2 years ago
Labels: memory-based
#34 - TFG documentation writing
Issue -
State: closed - Opened by h3xduck over 2 years ago
Labels: documentation, HIGH PRIORITY
#33 - Update library for new hidden protocol with packet splitting
Issue -
State: closed - Opened by h3xduck over 2 years ago
Labels: network, HIGH PRIORITY
#32 - Update C2 V1 to work with complete protocol (shown in image sent by email)
Issue -
State: closed - Opened by h3xduck over 2 years ago
Labels: network, HIGH PRIORITY
#31 - Final C2 version
Issue -
State: closed - Opened by h3xduck over 2 years ago
Labels: network, HIGH PRIORITY
#30 - Adding more syscalls for the library injection + using the injected library for some PoC like action
Issue -
State: closed - Opened by h3xduck over 2 years ago
Labels: enhancement
#29 - Rootkit persistance
Issue -
State: closed - Opened by h3xduck over 2 years ago
Labels: enhancement, HIGH PRIORITY
#28 - Rootkit self-destroying
Issue -
State: open - Opened by h3xduck over 2 years ago
- 1 comment
Labels: enhancement, research
#27 - Multi-machine simulation for C2
Issue -
State: closed - Opened by h3xduck over 2 years ago
Labels: network
#26 - Library injection + sudo bypass + initial version of C2
Pull Request -
State: closed - Opened by h3xduck over 2 years ago
Labels: enhancement, network, memory-based
#25 - Library injection in running processes
Issue -
State: closed - Opened by h3xduck over 2 years ago
Labels: research, memory-based, HIGH PRIORITY
#24 - We can issue a write syscall whenever we want via bpf_printk. This may lead somewhere
Issue -
State: open - Opened by h3xduck over 2 years ago
Labels: research
#23 - Create a program deployer (also creating the needed helpers)
Issue -
State: closed - Opened by h3xduck over 2 years ago
#22 - Use TC program to filter egress traffic and camouflage c&c traffic
Issue -
State: closed - Opened by h3xduck over 2 years ago
Labels: enhancement, network
#21 - Explore uprobes
Issue -
State: open - Opened by h3xduck over 2 years ago
Labels: research
#20 - Protection of private and protected maps from foreign programs
Issue -
State: open - Opened by h3xduck over 2 years ago
Labels: enhancement, obfuscation
#19 - Initial version of C2: Remote Code Execution via an execve hijacking scheme
Issue -
State: closed - Opened by h3xduck over 2 years ago
Labels: enhancement, network, memory-based
#18 - Basic user memory manipulation + Control over rootkit modules and probes + Basic communication system
Pull Request -
State: closed - Opened by h3xduck over 2 years ago
Labels: enhancement, research, memory-based
#17 - Allow for overwritten read calls to have different size (investigate on fstat modification)
Issue -
State: open - Opened by h3xduck over 2 years ago
- 1 comment
#16 - Intercept sudo calls and fake returned value to elevate privileges of a user
Issue -
State: closed - Opened by h3xduck over 2 years ago
- 1 comment
Labels: enhancement, obfuscation
#15 - Hide alert messages about bpf_probe_write_user at kernel buffer
Issue -
State: open - Opened by h3xduck over 2 years ago
Labels: enhancement, obfuscation
#14 - Activate the userspace runtime config for active ebpf modules from the remote client connected to the backdoor.
Issue -
State: open - Opened by h3xduck over 2 years ago
- 1 comment
Labels: enhancement, network
#13 - Modularize the rootkit, enable activation/deactivation of modules at runtime from the userspace program
Issue -
State: closed - Opened by h3xduck over 2 years ago
Labels: enhancement
#12 - General communication system kernel->userspace via ring buffer and maps
Issue -
State: closed - Opened by h3xduck over 2 years ago
Labels: enhancement
#11 - Modify output of read calls
Issue -
State: closed - Opened by h3xduck over 2 years ago
Labels: enhancement, obfuscation, research
#10 - Hide the executable and a directory for some rootkit binaries
Issue -
State: closed - Opened by h3xduck over 2 years ago
Labels: enhancement, obfuscation
#9 - First eBPF codebase, W+R access to incoming traffic and included PoC
Pull Request -
State: closed - Opened by h3xduck almost 3 years ago
Labels: enhancement, network
#8 - Recognize interesting outgoing network traffic
Issue -
State: closed - Opened by h3xduck almost 3 years ago
Labels: enhancement, network
#7 - Research about what is TX
Issue -
State: open - Opened by h3xduck almost 3 years ago
Labels: network, research
#6 - Capture the transmission answering
Issue -
State: open - Opened by h3xduck almost 3 years ago
Labels: enhancement, network
#5 - Arbitrarily increase/decrease packet size
Issue -
State: closed - Opened by h3xduck almost 3 years ago
Labels: enhancement, network
#4 - Write an arbitrary length payload at any packet independently of its original length
Issue -
State: closed - Opened by h3xduck almost 3 years ago
Labels: enhancement, network
#3 - hook with XDP (external data path)
Issue -
State: closed - Opened by h3xduck almost 3 years ago
Labels: enhancement, network
#2 - Fix the client built with rawtcp lib. For some reason it is sending malformed messages while on the VM.
Issue -
State: closed - Opened by h3xduck almost 3 years ago
Labels: bug, network
#1 - Hide the XDP program at 'ip link' output
Issue -
State: open - Opened by h3xduck almost 3 years ago
Labels: obfuscation