Comments (4)
Yeah we didn't test the rootkit on Arch, you will have to use Ubuntu 21.04 if you want to compile it.
For the record, these are issues with using TripleCross in a different distro and version that I can think of:
- Your compiler toolchain is different than the one in Ubuntu 21.04 (we used Clang v12). This results in the compiler sometimes generating instructions which are not valid in BPF (this is your case). You either will have to switch compiler or try with different fixes,
-fno-stack-protector
might work in your case. - The library injection module depends on specific opcodes of functions at glibc which may vary between versions. We used glibc 2.33
We may extend it to other versions in the future, but for now you may need to patch it yourself or switch to the supported system.
from triplecross.
@yasindce1998 can you check the distro and version you are using?
lsb_release -a
The rootkit has only been tested in Ubuntu 21.04, if you are using this version already, which clang version are you on?
clang -v
from triplecross.
@h3xduck Apologies for the late response and Thank you for reviewing it.
Here is what you needed.
➜ ~ lsb_release -a
LSB Version: n/a
Distributor ID: Arch
Description: Arch Linux
Release: rolling
Codename: n/a
➜ ~ clang -v
clang version 13.0.1
Target: x86_64-pc-linux-gnu
Thread model: posix
InstalledDir: /usr/bin
Found candidate GCC installation: /usr/bin/../lib/gcc/x86_64-pc-linux-gnu/12.1.0
Found candidate GCC installation: /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/12.1.0
Selected GCC installation: /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/12.1.0
Candidate multilib: .;@m64
Candidate multilib: 32;@m32
Selected multilib: .;@m64
➜ ~
Extra informations
Operating System: Arch Linux
Kernel: Linux 5.18.5-arch1-1
Architecture: x86-64
Hardware Vendor: Lenovo
Hardware Model: Lenovo E41-25
from triplecross.
@h3xduck Thank you! I can switch to Ubuntu 21.04. Thank you for the clarification!
from triplecross.
Related Issues (20)
- Final C2 version
- Update C2 V1 to work with complete protocol (shown in image sent by email)
- Update library for new hidden protocol with packet splitting
- TFG documentation writing
- Scanning and writing module at processes memory
- Use openssl to create secure channel connections
- Enhancement: try to hide used space from df and other userspace tools
- make all error~ HOT 12
- segmentation fault when execute_command and the stack overflow caused by parameters HOT 5
- user/kit.c:395:40: error: ‘XDP_FLAGS_REPLACE’ undeclared (first use in this function) HOT 1
- Makefile 102row -lbpf? how do i install it HOT 3
- Library injection path error: Segfault simple_timer and simple_open HOT 5
- When run deploy.sh, i meet loadbpf: load bpf program failed: Permission denied.
- Cannot injector to victim with -c option HOT 5
- libssl.so.1.1: cannot open shared object file: No such file or directory
- make with libbpf 1.0.1: undefined reference to `bpf_get_link_xdp_id' HOT 1
- Permission Denied: classifier_egress not load HOT 10
- Verifier issue when running XDP module HOT 1
- error: unknown target triple 'bpf', please use -triple or -arch
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from triplecross.