out-of-tree

out-of-tree kernel {module, exploit} development tool

Usage

Build && run module/exploit
$ out-of-tree pew
Test only with one kernel
$ out-of-tree pew --kernel='Ubuntu:4.10.0-30-generic'
Run debug environment
$ out-of-tree debug --kernel='Ubuntu:4.10.0-30-generic'
Test compiled module/exploit
$ out-of-tree pew --binary some_exploit --test some_exploit_test
Identify the vulnerable kernel version
$ out-of-tree pew --guess
More examples are in README.md

Configuration

$ cat kernel-exploit/.out-of-tree.toml
name = "CVE-XXXX-YYYYY exploit"
type = "exploit" # or "module" for LKM

[[supported_kernels]]
distro_type = "Ubuntu"
distro_release = "16.04"
release_mask = "4.4.0-(1|2|3|4)-.*"

[[supported_kernels]]
distro_type = "Ubuntu"
distro_release = "16.04"
release_mask = "4.8.0-(1|2|3|4|5|6|7|8|9|10)-.*"
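How the two [[supported_kernels]] entries above select kernels, as an added Go example (not the tool's own code): the structs stand in for the decoded TOML, the candidate kernel list is constructed, and release_mask is assumed to be applied as a Go regular expression anchored to the whole release string. Note that an alternation such as (1|2|3|4) covers only those exact ABI numbers, so 4.4.0-31-generic is not selected.

```go
package main

import (
	"fmt"
	"regexp"
)

// SupportedKernel mirrors one [[supported_kernels]] table of .out-of-tree.toml
// and Kernel is one candidate kernel; both structs are this example's
// assumptions, with the TOML taken as already decoded.
type SupportedKernel struct{ DistroType, DistroRelease, ReleaseMask string }
type Kernel struct{ DistroType, DistroRelease, Release string }

// SelectKernels returns the releases in pool covered by at least one entry:
// distro fields must match exactly and release_mask, compiled as a regexp, must
// match the whole release string (anchoring is this example's assumption).
func SelectKernels(config []SupportedKernel, pool []Kernel) ([]string, error) {
	var out []string
	for _, k := range pool {
		for _, sk := range config {
			if sk.DistroType != k.DistroType || sk.DistroRelease != k.DistroRelease {
				continue
			}
			re, err := regexp.Compile("^(?:" + sk.ReleaseMask + ")$")
			if err != nil {
				return nil, fmt.Errorf("bad release_mask %q: %w", sk.ReleaseMask, err)
			}
			if re.MatchString(k.Release) {
				out = append(out, k.Release)
				break
			}
		}
	}
	return out, nil
}

func main() {
	config := []SupportedKernel{ // the two entries of the config above
		{"Ubuntu", "16.04", "4.4.0-(1|2|3|4)-.*"},
		{"Ubuntu", "16.04", "4.8.0-(1|2|3|4|5|6|7|8|9|10)-.*"},
	}
	pool := []Kernel{ // constructed candidates, not tool output
		{"Ubuntu", "16.04", "4.4.0-2-generic"},
		{"Ubuntu", "16.04", "4.4.0-31-generic"}, // ABI 31 is outside the alternation
		{"Ubuntu", "16.10", "4.8.0-10-generic"}, // distro_release differs
		{"Ubuntu", "16.04", "4.8.0-10-generic"},
	}
	fmt.Println(SelectKernels(config, pool)) // [4.4.0-2-generic 4.8.0-10-generic] <nil>
}
```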

Installation

If you already have Go, Qemu and Docker installed, there's a cross-platform installation checklist:
$ go get -u github.com/jollheef/out-of-tree
$ out-of-tree bootstrap
Test kernel module
$ cd $GOPATH/src/github.com/jollheef/out-of-tree/examples/kernel-module
$ out-of-tree kernel autogen # generate kernels based on .out-of-tree.toml
$ out-of-tree pew
Test kernel exploit
$ cd $GOPATH/src/github.com/jollheef/out-of-tree/examples/kernel-exploit
$ out-of-tree pew

See also README.md