Kernel development & exploitation practice environment.

micronoyau/pwnkernel

 
 


Improved pwn.college kernel exploitation setup

NOTE: you don't need to interact with this repo in the course of interacting with pwn.college. The kernel challenges can be solved in the infrastructure; this is just here as a way to reproduce the infrastructure locally.

Project structure

.
├── build
│   ├── build.Dockerfile            # Dockerfile to build "build" image
│   ├── Makefile                    # Makefile to build kernel, busybox, modules, userspace programs and initramfs
│   └── scripts                     # Various build scripts
├── doc                             # Some doc
├── initramfs                       # Base initial ram filesystem (you can add stuff in there)
├── launch.sh                       # Utility script to launch kernel once it is built
├── LICENSE
├── modules                         # Various toy modules
├── README.md                       # This file
├── setup.sh                        # Helper setup script
└── userspace                       # Various toy userspace programs

What this pwnkernel fork brings to the table

  • Building is done inside a docker container: no more compilation problems depending on your host machine.
  • Added small userspace programs to start playing.
  • Improved init setup: you can now play with several (2 by default, but you can add more) serial ports to have multiple terminals at once.

Setup

Create build docker image

First, run setup.sh. This builds a docker image named pwnkernel-build (the name can be configured in build/scripts/config.sh) that is capable of building older kernels.

Build stuff

You can use individual scripts provided in the build/scripts directory.

Most users will want to build everything by running

make -C build ASSETS=path/to/your/assets

where ASSETS points to an existing directory. The kernel and busybox sources, their build targets and the compressed initramfs will all be placed there.

This will build the kernel, busybox, demo modules, filesystem (initramfs) and userspace programs:

$ ls $ASSETS_DIR
busybox-1.37.0  initramfs.cpio.gz  linux-5.4

You can set the kernel and busybox versions as desired by updating the following makefile variables:

make -C build ASSETS=path/to/your/assets KERNEL_VERSION=xxx BUSYBOX_VERSION=yyy

Running the kernel

./launch.sh <compressed kernel image> <initramfs> <home share>

All modules will be in /lib/modules, ready to be insmoded, and the host's userspace build directory will be mounted as /home/hacker in the guest.

You will be prompted to log in. Default creds:

  • hacker:hacker
  • root:root

You can access an additional PTY with screen or minicom through the PTY symlink named vm-pty.

screen vm-pty
