PCILeech on Linux
PCILeech on Linux
This section is about running PCILeech on Linux. For more information about targeting Linux systems please check Target: Linux x64.
NB! Mount functionality including mounting file systems of target computers is Windows only feature at the moment. If you require the mount functionality please look into running PCILeech on Windows.
It is possible to run PCILeech on 64-bit Linux systems.
Please find a pre-compiled binary version of pcileech in the latest release in the PCILeech repo. Please note that PCILeech is dependent on the LeechCore library. The required
leechcore.so is co-bundled in the binary release.
Required Drivers (FPGA / USB3380 Hardware):
When using FPGA or USB3380 hardware one must have libusb installed. Libusb is installed on most modern systems so this should not be a cause of concern. PCILeech should work out of the box on 64-bit Linux systems. If libusb is missing please install it by running (as root):
apt-get install libusb-1.0-0.
Normally, PCILeech must be run as root when using FPGA / USB3380 hardware.
To compile for Linux make sure the dependencies are met by running:
apt-get install libusb-1.0-0-dev pkg-config.
Also ensure that the
leechcore.so file exists within the pcileech/files directory. If it does not exist please first build LeechCore and copy the resulting
leechcore.so file to the pcileech/files directory.
To build PCILeech move into the pcileech/pcileech directory and execute:
make. The resulting binary
pcileech will be placed alongside shellcode modules and configuration files in the pcileech/files directory after a successful build.
To build individual shellcode kernel modules and implants please individual instructions in each source file. Kernel modules and implants, even for Linux, are currently built on Windows, but should be possible to build on Linux as well with minimal modifications.