out-of-tree

out-of-tree kernel {module, exploit} development tool

out-of-tree automates routine work around kernel module and exploit development: it creates development environments for debugging kernel modules and exploits, generates reliability statistics for exploits, and integrates easily into CI (Continuous Integration).

Usage

Build and run a module/exploit:
$ out-of-tree pew

Test against only one kernel:
$ out-of-tree pew --kernel='Ubuntu:4.10.0-30-generic'

Run the debug environment:
$ out-of-tree debug --kernel='Ubuntu:4.10.0-30-generic'

Test an already compiled module/exploit:
$ out-of-tree pew --binary some_exploit --test some_exploit_test

Identify the vulnerable kernel version:
$ out-of-tree pew --guess

More examples are in README.md.

Configuration

$ cat kernel-exploit/.out-of-tree.toml
name = "CVE-XXXX-YYYYY exploit"
type = "exploit" # or "module" for LKM

[[supported_kernels]]
distro_type = "Ubuntu"
distro_release = "16.04"
release_mask = "4.4.0-(1|2|3|4)-.*"

[[supported_kernels]]
distro_type = "Ubuntu"
distro_release = "16.04"
release_mask = "4.8.0-(1|2|3|4|5|6|7|8|9|10)-.*"
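As an added example (not out-of-tree's own code), the following script reads the [[supported_kernels]] tables of the configuration above with a minimal parser and checks which --kernel= style identifiers a release_mask selects, so a mask can be dry-run before `pew` builds anything. It assumes the mask is applied to the whole release string, which this page does not confirm; a loose, unanchored mask would otherwise pull in releases the exploit was never tested against.

```python
import re

# The .out-of-tree.toml shown above, embedded here as the sample input.
EXAMPLE_CONFIG = """
name = "CVE-XXXX-YYYYY exploit"
type = "exploit" # or "module" for LKM

[[supported_kernels]]
distro_type = "Ubuntu"
distro_release = "16.04"
release_mask = "4.4.0-(1|2|3|4)-.*"

[[supported_kernels]]
distro_type = "Ubuntu"
distro_release = "16.04"
release_mask = "4.8.0-(1|2|3|4|5|6|7|8|9|10)-.*"
"""


def parse_supported_kernels(cfg: str) -> list[dict[str, str]]:
    """Minimal reader for the flat key = "value" layout above: one dict per
    [[supported_kernels]] table. Assumption: this is not out-of-tree's own
    loader; it handles no other TOML syntax and skips top-level keys."""
    entries: list[dict[str, str]] = []
    for line in cfg.splitlines():
        line = line.split("#", 1)[0].strip()  # drop trailing comments
        if line == "[[supported_kernels]]":
            entries.append({})
        elif "=" in line and entries:
            key, val = (s.strip() for s in line.split("=", 1))
            entries[-1][key] = val.strip('"')
    return entries


def covered(cfg: str, kernel: str) -> bool:
    """True if a "Distro:release" id (the --kernel= form) is selected by some
    entry. Assumption: the mask is applied to the whole release string, so
    "4.4.0-(1|2|3|4)-.*" takes 4.4.0-3-generic but not 4.4.0-31-generic."""
    distro, sep, release = kernel.partition(":")
    if not sep:
        raise ValueError(f"kernel id {kernel!r} is not Distro:release")
    return any(
        e.get("distro_type") == distro and re.fullmatch(e.get("release_mask", ""), release)
        for e in parse_supported_kernels(cfg)
    )


if __name__ == "__main__":
    for k in ("Ubuntu:4.4.0-3-generic", "Ubuntu:4.4.0-31-generic", "Debian:4.4.0-3-generic"):
        print(k, "covered" if covered(EXAMPLE_CONFIG, k) else "not covered")
```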

Installation

If you already have Go, Qemu and Docker installed, here is a cross-platform installation checklist:
$ go get -u code.dumpstack.io/tools/out-of-tree

Test a kernel module:
$ cd $GOPATH/src/code.dumpstack.io/tools/out-of-tree/examples/kernel-module
$ out-of-tree kernel autogen # generate kernels based on .out-of-tree.toml
$ out-of-tree pew

Test a kernel exploit:
$ cd $GOPATH/src/code.dumpstack.io/tools/out-of-tree/examples/kernel-exploit
$ out-of-tree pew

See also README.md