基于libbpf搭的
通过劫持openat stat fstat close read 这几个系统调用,实现劫持cron读取的/etc/crontab,欺骗宿主机中的cron执行攻击者预定的命令,实现逃逸
原理参考 使用 eBPF 逃逸容器技术分析与实践
效果如下:
forked from TomAPU/bpfcronescape
skysider/bpfcronescape
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
About
No description, website, or topics provided.
Resources
License
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published
Languages
- C 99.4%
- Other 0.6%