
okftools: overloading kernel functions under Linux 5.19

Project description

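Project name:

    System-level resource access auditing based on system call overloading

Project team

    麻家乐 王梓睿 孙靖轩 张天铄 汪何希

Main work

    1. Obtain the system call table sys_call_table.
    2. Implement system function overloading and address writing.
    3. Implement information exchange between the kernel and user space.
    4. Save the information as logs and attempt related extended processing.
    5. Implement a graphical interface that provides visual operation for ease of use.

Development environment

    Ubuntu 22.04  linux-5.19

Usage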

    1. pip install okftools

Figure 1: pip install okftools

    2. pip show okftools

Figure 2: pip show okftools

    3. cd to the okftools path

    4. python okftools_setup.py or python3 okftools_setup.py

Figure 3: python okftools_setup.py

    5. Enter the following command to use okftools:
            ./oktfools

Figure 4: oktfools

Notes

    * If the following error occurs:
            libGL error: failed to load driver: swrast.
            libGL error: failed to load driver: vmwgfx
    * Please try:
            conda install -c conda-forge gcc=12.1.0

Download files

Source Distribution

okftools-0.1.1.tar.gz (188.4 kB)

File details

Details for the file okftools-0.1.1.tar.gz.

File metadata

  • Download URL: okftools-0.1.1.tar.gz
  • Upload date:
  • Size: 188.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.2 CPython/3.10.9

File hashes

Hashes for okftools-0.1.1.tar.gz
  • SHA256: 3c98c876e485aae2f02c4b23dd50f4c9fd50efa6c5faa5dc2899f6ed9881ff9a
  • MD5: 4f77fd7b64f1741cc0c8588645222ccb
  • BLAKE2b-256: 923a3cf0299581b7557d3b8008b1b6a6d7d76b9d1aa33e9f1e7f6ffc200d6611
