kernel-sanders is a security capstone project implementing a full, automated attack chain against a hardened AArch64 Linux target. The chain runs from initial code execution via a vulnerable network service, through kernel privilege escalation, to persistent kernel-level compromise via a custom loadable rootkit with a covert C2 channel, process/file hiding, shellcode injection, and encrypted exfiltration.
- How to Run: build instructions, VM setup, running the exploit chain, and C2 usage
- Writeup: full technical writeup covering design decisions, implementation details, and attack chain walkthrough
- Key Bugs & Fixes: notable bugs encountered during development
- Design Changes: design-level changes made to resolve bugs (scheduling-while-atomic, path normalization, symlink blocking)
- Poster: poster that was shown during the poster session
- COLDSPARK: mission briefing from instructor
kernel-sanders implements a 4-stage attack chain against MERIDIAN Defense Group's "Secure Terminal Service":
The poster we showed at the poster session. Download a PDF version here.