Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / h3xduck/TripleCross issues and pull requests

#52 - src/Makefile: Fix #41 and #48 in compiling

Pull Request - State: open - Opened by void0red 6 months ago

#50 - Verifier issue when running XDP module

Issue - State: closed - Opened by h3xduck over 1 year ago - 1 comment
Labels: bug, verifier issue

#49 - Permission Denied: classifier_egress not load

Issue - State: closed - Opened by brielino over 1 year ago - 10 comments
Labels: wontfix, port, verifier issue

#48 - make with libbpf 1.0.1: undefined reference to `bpf_get_link_xdp_id'

Issue - State: open - Opened by tstromberg almost 2 years ago - 1 comment

#46 - Cannot injector to victim with -c option

Issue - State: open - Opened by tarihub almost 2 years ago - 5 comments
Labels: bug, network

#44 - Library injection path error: Segfault simple_timer and simple_open

Issue - State: open - Opened by h3xduck about 2 years ago - 5 comments
Labels: bug, enhancement

#43 - Makefile 102row -lbpf? how do i install it

Issue - State: open - Opened by kay6666 about 2 years ago - 3 comments
Labels: build issue

#42 - user/kit.c:395:40: error: ‘XDP_FLAGS_REPLACE’ undeclared (first use in this function)

Issue - State: closed - Opened by pythonmandev about 2 years ago - 1 comment
Labels: build issue

#41 - TC program compilation __stack_chk_fail not supported

Issue - State: closed - Opened by h3xduck about 2 years ago - 4 comments
Labels: bug, build issue

#40 - segmentation fault when execute_command and the stack overflow caused by parameters

Issue - State: closed - Opened by firmianay about 2 years ago - 5 comments
Labels: security

#39 - make all error~

Issue - State: closed - Opened by 0x7e-1sq about 2 years ago - 12 comments
Labels: bug, HIGH PRIORITY, build issue

#38 - Enhancement: try to hide used space from df and other userspace tools

Issue - State: open - Opened by osevan about 2 years ago
Labels: enhancement, research

#37 - Backdoor update

Pull Request - State: closed - Opened by h3xduck over 2 years ago

#36 - Use openssl to create secure channel connections

Issue - State: closed - Opened by h3xduck over 2 years ago
Labels: enhancement, network

#35 - Scanning and writing module at processes memory

Issue - State: closed - Opened by h3xduck over 2 years ago
Labels: memory-based

#34 - TFG documentation writing

Issue - State: closed - Opened by h3xduck over 2 years ago
Labels: documentation, HIGH PRIORITY

#33 - Update library for new hidden protocol with packet splitting

Issue - State: closed - Opened by h3xduck over 2 years ago
Labels: network, HIGH PRIORITY

#32 - Update C2 V1 to work with complete protocol (shown in image sent by email)

Issue - State: closed - Opened by h3xduck over 2 years ago
Labels: network, HIGH PRIORITY

#31 - Final C2 version

Issue - State: closed - Opened by h3xduck over 2 years ago
Labels: network, HIGH PRIORITY

#29 - Rootkit persistance

Issue - State: closed - Opened by h3xduck over 2 years ago
Labels: enhancement, HIGH PRIORITY

#28 - Rootkit self-destroying

Issue - State: open - Opened by h3xduck over 2 years ago - 1 comment
Labels: enhancement, research

#27 - Multi-machine simulation for C2

Issue - State: closed - Opened by h3xduck over 2 years ago
Labels: network

#26 - Library injection + sudo bypass + initial version of C2

Pull Request - State: closed - Opened by h3xduck over 2 years ago
Labels: enhancement, network, memory-based

#25 - Library injection in running processes

Issue - State: closed - Opened by h3xduck over 2 years ago
Labels: research, memory-based, HIGH PRIORITY

#24 - We can issue a write syscall whenever we want via bpf_printk. This may lead somewhere

Issue - State: open - Opened by h3xduck over 2 years ago
Labels: research

#23 - Create a program deployer (also creating the needed helpers)

Issue - State: closed - Opened by h3xduck over 2 years ago

#22 - Use TC program to filter egress traffic and camouflage c&c traffic

Issue - State: closed - Opened by h3xduck over 2 years ago
Labels: enhancement, network

#21 - Explore uprobes

Issue - State: open - Opened by h3xduck over 2 years ago
Labels: research

#20 - Protection of private and protected maps from foreign programs

Issue - State: open - Opened by h3xduck over 2 years ago
Labels: enhancement, obfuscation

#19 - Initial version of C2: Remote Code Execution via an execve hijacking scheme

Issue - State: closed - Opened by h3xduck over 2 years ago
Labels: enhancement, network, memory-based

#18 - Basic user memory manipulation + Control over rootkit modules and probes + Basic communication system

Pull Request - State: closed - Opened by h3xduck over 2 years ago
Labels: enhancement, research, memory-based

#16 - Intercept sudo calls and fake returned value to elevate privileges of a user

Issue - State: closed - Opened by h3xduck over 2 years ago - 1 comment
Labels: enhancement, obfuscation

#15 - Hide alert messages about bpf_probe_write_user at kernel buffer

Issue - State: open - Opened by h3xduck over 2 years ago
Labels: enhancement, obfuscation

#14 - Activate the userspace runtime config for active ebpf modules from the remote client connected to the backdoor.

Issue - State: open - Opened by h3xduck over 2 years ago - 1 comment
Labels: enhancement, network

#12 - General communication system kernel->userspace via ring buffer and maps

Issue - State: closed - Opened by h3xduck over 2 years ago
Labels: enhancement

#11 - Modify output of read calls

Issue - State: closed - Opened by h3xduck over 2 years ago
Labels: enhancement, obfuscation, research

#10 - Hide the executable and a directory for some rootkit binaries

Issue - State: closed - Opened by h3xduck over 2 years ago
Labels: enhancement, obfuscation

#9 - First eBPF codebase, W+R access to incoming traffic and included PoC

Pull Request - State: closed - Opened by h3xduck almost 3 years ago
Labels: enhancement, network

#8 - Recognize interesting outgoing network traffic

Issue - State: closed - Opened by h3xduck almost 3 years ago
Labels: enhancement, network

#7 - Research about what is TX

Issue - State: open - Opened by h3xduck almost 3 years ago
Labels: network, research

#6 - Capture the transmission answering

Issue - State: open - Opened by h3xduck almost 3 years ago
Labels: enhancement, network

#5 - Arbitrarily increase/decrease packet size

Issue - State: closed - Opened by h3xduck almost 3 years ago
Labels: enhancement, network

#4 - Write an arbitrary length payload at any packet independently of its original length

Issue - State: closed - Opened by h3xduck almost 3 years ago
Labels: enhancement, network

#3 - hook with XDP (external data path)

Issue - State: closed - Opened by h3xduck almost 3 years ago
Labels: enhancement, network

#1 - Hide the XDP program at 'ip link' output

Issue - State: open - Opened by h3xduck almost 3 years ago
Labels: obfuscation
