Name		Name	Last commit message	Last commit date
Latest commit History 1 Commits
seabios		seabios
vdso-test		vdso-test
.gitignore		.gitignore
Makefile		Makefile
README.md		README.md
hijack_vdso.c		hijack_vdso.c
payload.s		payload.s
shellcode.rb		shellcode.rb
smm-trigger-local.c		smm-trigger-local.c
smm-trigger-remote.py		smm-trigger-remote.py
trigger_smi.c		trigger_smi.c

Repository files navigation

The Sea Watcher

Implementation of The Watcher, a SMM rootkit:

This is a (dirty) proof-of-concept.

Files

hijack_vdso.c: SMM payload hijacking VDSO
payload.s: shellcode written to VDSO by hijack_vdso.c
seabios/: SMM backdoor, applied against SeaBIOS
shellcode.rb: metasm script to compile hijack_vdso.c
smm-trigger-local.c: trigger the execution of the SMM payload from a local account
smm-trigger-remote.py: trigger the execution of the SMM payload from the network
trigger_smi.c
vdso-test/: stuff to test VDSO shellcodes

About

Implementation of the SMM rootkit "The Watcher"

Report repository

Releases

No releases published

Packages

No packages published

Languages

C 70.7%
Assembly 9.0%
Python 9.0%
Makefile 6.7%
Ruby 4.1%
Objective-C 0.5%